0cecfe58f0a6eb2060b764de7b5d4d25_JaffaCakes118 | Triage

Sharing

General

Target

0cecfe58f0a6eb2060b764de7b5d4d25_JaffaCakes118
Size

307KB
MD5

0cecfe58f0a6eb2060b764de7b5d4d25
SHA1

059931810b670e242a5a34fba8944700c3fa38b0
SHA256

e4b6fbc234ec4d39af97575c2ece95013bee0fc4b5c048a3973dad1e05208846
SHA512

c7367a50ab369c13722bb02bc41f7662a779ebc6a89c45345ef03675782993113109b102106ed9c683c6ef6f9c82911e82d682efbc624da13ba7da72401007e1
SSDEEP

6144:EjTjr7rLrLrLrbrrrxB0pBlVdfheBOt2dSsYxzWmgI6rJwfXFq2rV4wl5r8ynX/D:Gnr7rLrLrLrbrrrxB0blV5EOtfsYxzgV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cecfe58f0a6eb2060b764de7b5d4d25_JaffaCakes118

Files

0cecfe58f0a6eb2060b764de7b5d4d25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d504fe534a9b412799e4470b91a92eb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasA
InterlockedExchange
CreatePipe
DeleteFileA
CreateMailslotA
SetVolumeLabelA
GetModuleHandleA
FatalExit
GetACP
InitializeCriticalSection
SetEnvironmentVariableA
SetCurrentDirectoryA
DeviceIoControl
GetModuleHandleW
WriteConsoleW
GetStringTypeW
DeleteFileA
GetProcessHeap
DeleteFileA
VirtualAlloc
CreateSemaphoreW
GetShortPathNameW
CreateFileMappingW

mshtml

ShowModalDialog
ShowHTMLDialog
DllEnumClassObjects
ShowModelessHTMLDialog

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.afdr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ