0a546e883ef6b60d388da0e4a7a09f66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a546e883ef6b60d388da0e4a7a09f66_JaffaCakes118
Size

469KB
MD5

0a546e883ef6b60d388da0e4a7a09f66
SHA1

4b796250b1616de39c752cbd39e179621f2aa833
SHA256

ea48a0b3aad8dfd4d91a80541d177a98d5664a1f9dbdc8df9f8ce6aa90820b8b
SHA512

595c425435ae8e7d329137ef328372311da833369726f97a4dfe4f5487ec4ebc07ec438a82334f249ce98d3e68bb19dc809b31efe16dc6b7769fbe7d323dcf8b
SSDEEP

6144:j3TOPBinIAR2uUNX7Yo0GWF3gwGOyKLYmyhU3a3N+SlE4rRLP8YYHItSuXuAVqah:WklklASKsIUN+SGari7uj5Xx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a546e883ef6b60d388da0e4a7a09f66_JaffaCakes118

Files

0a546e883ef6b60d388da0e4a7a09f66_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b06532a13e772d2f6b6888e1d9b6ca12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
WideCharToMultiByte
CloseHandle
GetCurrentProcess
GetLastError
VirtualAlloc

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ