0bcdfa5f8174867df02f5cd822ea83e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bcdfa5f8174867df02f5cd822ea83e3_JaffaCakes118
Size

5KB
MD5

0bcdfa5f8174867df02f5cd822ea83e3
SHA1

73e125fbcc290ae5961fb7b8b67ccc4d6bb21e54
SHA256

a7d0286030f09b162d826d3d10222386baa68733d91cd7f47300c5b5aa38766b
SHA512

bd6e95212885a3872a4efcf52e14898344d46d71f1640400e9d9421979efcb3abd1c53fb486915def2880b4f3be7f150d3de2e19f27fdc9e5839f86b5df141ab
SSDEEP

48:qXVuQ798ifM/oBtFVyfzlpLGE+g7g5WO:KuQh8S4oZVgzlpF0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcdfa5f8174867df02f5cd822ea83e3_JaffaCakes118

Files

0bcdfa5f8174867df02f5cd822ea83e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60e85a4828f39a5fa6b449c83c9aac2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z

shlwapi

PathRemoveFileSpecA
PathAddBackslashA

kernel32

GetFileSize
CreateFileA
CloseHandle
GetModuleFileNameA
ExitProcess
FreeLibrary
lstrcatA
ReadFile
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ