0ce76aae5b1789baf99bfeb02b444e3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ce76aae5b1789baf99bfeb02b444e3b_JaffaCakes118
Size

64KB
MD5

0ce76aae5b1789baf99bfeb02b444e3b
SHA1

2862f30077ad5e9403124a98f47563e15efcbe73
SHA256

90ff356e3f868946da7ac5b327ab6df607326b409c451870b192392736a7a2bf
SHA512

8eb49433b9cb4de1592cb8b9f0fd75aadae8c4351d24807eb0c17c20654b576a8a0ddae84c2a83f8a07c24f27033f8fa39535342dd1b82e8f83d3e3b24f53089
SSDEEP

1536:Z9Hiojekg0M73jrTCv9dguI/XB2JjprAFhcT4Z:Z9t6aypsyFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce76aae5b1789baf99bfeb02b444e3b_JaffaCakes118

Files

0ce76aae5b1789baf99bfeb02b444e3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dafc055ca0aea5c34e04497123576525

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
SetEnvironmentVariableA
LoadLibraryA
SetFilePointer
GetConsoleTitleA
DeleteFileA
Heap32Next
GetVersion
GetShortPathNameW
Heap32First
GetModuleHandleW
WriteConsoleW
DeleteFileA
GetConsoleAliasW
CreateFileMappingW
GetStringTypeW
SetEndOfFile
VirtualAlloc
GetStringTypeW
SetCurrentDirectoryA
GetACP
CreateMailslotW
GetProcessHeap

msoeacct

DllCanUnloadNow
DllGetClassObject
ValidEmailAddress
GetDllMajorVersion

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ