Static task
static1
Behavioral task
behavioral1
Sample
0e5374c7507356280b756a0725b3fe37_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0e5374c7507356280b756a0725b3fe37_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0e5374c7507356280b756a0725b3fe37_JaffaCakes118
Size
92KB
MD5
0e5374c7507356280b756a0725b3fe37
SHA1
cc579765a45b112ef2dde142198999f1cfd301bd
SHA256
d2b1ad2b739eb88918be263ddd195aeb1b087f35a0dee0bc5783ca01e563982c
SHA512
bd57b8cd74a2b446b1839a0639e6faf5a15dc8426e8fc8b315eaf4f5144f49708b71d4ef9c33173676c3707bd625edc817b616c7cbaa152314d52bf9c4a608fa
SSDEEP
1536:ftm8uPIMRR/5iBwHRwh4IuY6GqqRFG33tANzur0W/TwSYrhNqTwLPs:ftmjhRR/5oORwh4FGpFG33tANzW0WVYd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e5374c7507356280b756a0725b3fe37_JaffaCakes118
Files
0e5374c7507356280b756a0725b3fe37_JaffaCakes118.exe windows:4 windows x86 arch:x86
efd48b9132c49b732a0ad972140fad77
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GlobalLock
GetCommandLineA
GetStartupInfoA
ExitProcess
ntdll
RtlUniform
RtlUpdateTimer
NtRequestWakeupLatency
ZwSetThreadExecutionState
RtlSubAuthoritySid
RtlIsDosDeviceName_U
RtlIntegerToUnicodeString
ZwQuerySymbolicLinkObject
NtClose
RtlDosSearchPath_U
ZwOpenProcess
__isascii
RtlSetSaclSecurityDescriptor
RtlLocalTimeToSystemTime
RtlNumberGenericTableElements
RtlAllocateAndInitializeSid
ZwSystemDebugControl
Sections
.text Size: 4KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
weIJUNLi Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ