0ceeea8d005420d101c189cfc68ae5d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ceeea8d005420d101c189cfc68ae5d1_JaffaCakes118
Size

21KB
MD5

0ceeea8d005420d101c189cfc68ae5d1
SHA1

bbaaa51d17f102252726f1993936fd20d98c09f7
SHA256

6fbbb4cb02af8213cd491d7b22046104e7eb6c701276259b18b6932bbadafb89
SHA512

d65c9e266b91d256422e5915ebf288c5e64034a708fe86243c8268692661ccf65782076b117db0d9e0d00aea89df8827839c8268c2afc707c2dbdaef5f10518a
SSDEEP

384:ARVAZmVBel1vHhzWUPDI39F0XMFhlP7FUMrhsDL9is3RsDOexxY7IsbC:ARVPWBTPrXyJUmhsDLhexxsIsu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ceeea8d005420d101c189cfc68ae5d1_JaffaCakes118

Files

0ceeea8d005420d101c189cfc68ae5d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

925d520f5293e67288768f2e5b5319f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
VirtualAlloc
VirtualProtect
VirtualFree

msvcrt

ceil

ws2_32

connect

user32

wsprintfA

advapi32

RegCloseKey

shell32

ShellExecuteA

oleaut32

GetErrorInfo

Sections

.wde
Size: - Virtual size: 124KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wde
Size: 44KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE