0bcbc0c3f2c6eaf0942ea2ce781ae177_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bcbc0c3f2c6eaf0942ea2ce781ae177_JaffaCakes118
Size

23KB
MD5

0bcbc0c3f2c6eaf0942ea2ce781ae177
SHA1

618534b13cfcef74eb99a34122340ce2eaf1cf66
SHA256

ee2118380987ee79f8eb0547d784605c074ce7d7c8028c7d1d21ee95deda3f21
SHA512

8f35462157394d413a2c737d6703493cfc2644f12fe6987b7f374d1656454bbb7259c34e7b26ac2dd4b9d53006ec207d2188bcb8fad89b5c99e6cfe79dc63db0
SSDEEP

384:YBydwgT9lFfzrMIMlzAUxreVrNmvFy4POmRD5QVlJIlzHVq:ko9l1WUQeVrkvA4PHolG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcbc0c3f2c6eaf0942ea2ce781ae177_JaffaCakes118

Files

0bcbc0c3f2c6eaf0942ea2ce781ae177_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e375fae1e56661edcfb77b789bbf9540

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentProcess
LoadLibraryExA
VirtualProtectEx
ExitProcess

user32

CharUpperA
CheckMenuItem
EmptyClipboard
DeferWindowPos

Exports

Exports

GetLxiggfgbmrr

Sections

.itext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lqt2l1
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lqt1l1
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ