0d2b22fec0e654732fcba0a6a20fcad5_JaffaCakes118 | Triage

Sharing

General

Target

0d2b22fec0e654732fcba0a6a20fcad5_JaffaCakes118
Size

75KB
MD5

0d2b22fec0e654732fcba0a6a20fcad5
SHA1

b6fc0cac53f04b80c8b46a320d6e70846908c13a
SHA256

f6b11e79334b6e11729eb8ed736dfa3d4e15ea1122b642c7b954298c7fc976ae
SHA512

c2dda2a9636266ad4a8f4188ea99720fa8d0bffa7e3722055abf7e7473b163ff32f6a4d0eb2f2cde08aab52066200359feab8a6868a713d5cae606975db16803
SSDEEP

1536:PkfyhqMW8rl+nb8x8OwIqKbML0bhurpHLBdqPX80RPSF2lg:ThF+nb8BwIqeRu1NdqPM0YFag

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2b22fec0e654732fcba0a6a20fcad5_JaffaCakes118

Files

0d2b22fec0e654732fcba0a6a20fcad5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

459510f6d61d8deea3dc8969d14c11b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentProcess
SetNamedPipeHandleState
VirtualProtectEx
ExitProcess

user32

DestroyCaret
GetActiveWindow
GetWindowLongW

Exports

Exports

Rvkjnjtvvbv
ReadUxppgrv
Bajlihff

Sections

.itext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lko2l1
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lko1l1
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ