0c68e63de4a7aee333f528a29583ef1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c68e63de4a7aee333f528a29583ef1f_JaffaCakes118
Size

3KB
MD5

0c68e63de4a7aee333f528a29583ef1f
SHA1

c35f9a857ce90808ed9ef2954bd5c795444a24f1
SHA256

76829def219352dafc8f08397f0cb866e0fec685ac6ae10fe07918eb4c889b3a
SHA512

9e685bad98366aad7ff3006ed7fdccd0fe35b8c4a9498a8daf3797fd390cdc534b00aa8ace98f5e5fefe8dc7c6341eaab2887e2e49d0070ee98b79a73e3a986f

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dap64/dap64/dap64.exe
unpack001/dap64/dap64d/dap64d.exe

Files

0c68e63de4a7aee333f528a29583ef1f_JaffaCakes118
.rar
dap64/dap64/build.bat
dap64/dap64/dap64.asm
dap64/dap64/dap64.exe
.exe windows:4 windows x64 arch:x64

7bb4a7d3b30bafdd43452b581d89f317

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
DebugActiveProcess

Sections

.text
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dap64/dap64/dap64.obj
dap64/dap64/mllink$.lnk
dap64/dap64d/build.bat
dap64/dap64d/dap64d.asm
dap64/dap64d/dap64d.exe
.exe windows:4 windows x64 arch:x64

83dbebf89189d949f207e4b1ecfa1480

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

CsrGetProcessId

Sections

.text
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dap64/dap64d/dap64d.obj
dap64/dap64d/mllink$.lnk