0f9cdbd3449b932350d4e73409ebfbba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f9cdbd3449b932350d4e73409ebfbba_JaffaCakes118
Size

281KB
MD5

0f9cdbd3449b932350d4e73409ebfbba
SHA1

06c77881b305110f59dad7b1c85711007ff326a8
SHA256

d8f1bf6a2c48f658e89f1f89e128034674bd689598f75106e70a1622970bb92d
SHA512

bb3771d6a5f15f08dfe6c96b98c5724b6d8fb8938f5ed27b09066821672e25506b88d2be6830d626d980c3ca97b6a0dca949da09744ad97826033e8835441cb6
SSDEEP

6144:D2hw+d4W6SkSonaXxV5gQ5h5h+FMg7i3vpmBNyy2F+//:Djs479aX1t5h+bavprW//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f9cdbd3449b932350d4e73409ebfbba_JaffaCakes118

Files

0f9cdbd3449b932350d4e73409ebfbba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ccaeb1bd6cddf1c570ca7c5354d83ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

LineDDA
DeleteDC

kernel32

ExitProcess
GetCommandLineA
CreateThread
ExitThread

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ