0aa476832e3528001ac5f822da71ffcd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0aa476832e3528001ac5f822da71ffcd_JaffaCakes118
Size

183KB
MD5

0aa476832e3528001ac5f822da71ffcd
SHA1

31ed4a7e20580b5d7d73b22a106afd6cf6965e35
SHA256

27e09055bd39cd71800d9a74b72df94e8f4d7eb3f551c31b6f0a4401c4afe1e9
SHA512

9e0d6498fb5d6e90e00f0af22d3a05c72f0d6662941324c75ddeaee7035846fa21960435cd9d25f1397efe054cb1456a041a5d529eba35609c7ed8c2ac1c2c97
SSDEEP

3072:GBqQjkLWMOV0gTUa+4T2OWzM/QMVAG1CUNZCJeKTh2kTwTL140spkcScq:GBqQAKBUFG2OSKsYCJfVATy0Ik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aa476832e3528001ac5f822da71ffcd_JaffaCakes118

Files

0aa476832e3528001ac5f822da71ffcd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeaeeeff49cea3dba402e1cdd006b695

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetLastError
ExitProcess
lstrlenW
ExitThread
GetACP
RaiseException
LoadLibraryA
LoadLibraryExA
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetUserDefaultLCID
GetCommandLineW
VirtualAllocEx
GetVersionExA

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ