0b16bbe876bdc7e20e140b3e4df1afcd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b16bbe876bdc7e20e140b3e4df1afcd_JaffaCakes118
Size

30KB
MD5

0b16bbe876bdc7e20e140b3e4df1afcd
SHA1

3c7b9f1ca1ff5da2d9073060a93048e2666ae020
SHA256

d7bd05fca91e01bcc4c8b3951c4c61f8f072f5f9bb19dee4fe9e22f2421d10e2
SHA512

1293c49736ae77a220dad8a6a7ba1b94143c1a6feb554795f066080a400643c3d6320b8251c0e722716002326f094535fd38ffc43dbe9ec6361bec195a1836f8
SSDEEP

384:UsHUtcUMPv2FnS39iSAMPdivK54SQAv6hbVC2qBOm80H2POFRdbn3e56fj/ZZdAZ:XUtcrPv2FnokCzQRqOiLSGUBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b16bbe876bdc7e20e140b3e4df1afcd_JaffaCakes118

Files

0b16bbe876bdc7e20e140b3e4df1afcd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a28f0dbfec95e3077e5cfe1cda521fd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWriteWatch
EnterCriticalSection
WritePrivateProfileStringA
WriteConsoleOutputAttribute
ReadConsoleOutputAttribute
SetLastError
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

text
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ