0d082e68d88bddfe75c97a2f4a2919f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d082e68d88bddfe75c97a2f4a2919f3_JaffaCakes118
Size

64KB
MD5

0d082e68d88bddfe75c97a2f4a2919f3
SHA1

a193a1fffec545503eabcba51523a3e7b22b89c2
SHA256

a236c2c61faaccec580a2b04e3e263ae312ae41580f2c90ed32e63f7a9ec33c2
SHA512

7692d08dff42aa913357dbebc138359a78358a8bd96078fac30a74d0b845dfc5df0cfb0e87a7bc75e2285dcb6b5919dce943fb1bae998b771d1a5a50df7824cb
SSDEEP

768:Ddg9ZRGJpDlA/6b6CsaOoJfc9sZMatgCTaFV4uwbl2f6wyTWfe/RzvFkxqwqG:xGSVJcsZ1qCWFaBlE6WW5ztkcM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d082e68d88bddfe75c97a2f4a2919f3_JaffaCakes118

Files

0d082e68d88bddfe75c97a2f4a2919f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d086cfa2511f33d37a8abc23331ad04f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
VirtualAlloc
VirtualAllocEx
GetCommandLineA
GetACP
LoadLibraryA
ExitProcess

user32

LoadKeyboardLayoutA
LoadIconA
LoadStringA
GetMenu

Exports

Exports

_C8813sjM@20
1au_w9wwuC3vO@20
_3mxWG5Xb
_TxJJKsU
_v2JPZmz42D
_rkgPnztEgmAW
_UpOdukRWdOqtt
oVHufs@16
_QIZL2bPc@16

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ