163ac3cb27d5dac59666307ff2e2e9a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

163ac3cb27d5dac59666307ff2e2e9a5_JaffaCakes118
Size

105KB
MD5

163ac3cb27d5dac59666307ff2e2e9a5
SHA1

87d903507696702e388eaf995a33004236f891a3
SHA256

d6f91d2ee33bc033ad994fbdc1dc8e8fc32cfa41e87bb23d1c85953ff4524c4c
SHA512

3fcd22decc8c9520614f21c25992654b4c53f0a3b52f4abfb2ff4d2b25f4397164e2b3678a93a93b637be6588c1c0f0e95ff6eb81729a3a2cbb8ef27369c8cac
SSDEEP

1536:kaiFrYoXcx3olXL59Sh3LVUTcImHjBwfg7mLrUvof0DSjL4rPnpxvwZ:kxr83sUh3LV2cPmg7AN1Epe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163ac3cb27d5dac59666307ff2e2e9a5_JaffaCakes118

Files

163ac3cb27d5dac59666307ff2e2e9a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

99ceb450ad9b10f6d2d82ba6b36010b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
SetUserObjectSecurity

Exports

Exports

Dvmcnoild
SetNjlyfbkp
InitGfgwglo
InitBdgghjbmy
Oghkbyurt
Mqsmmyoou
AddUcjelhefyb
CloseOqfrwva
OpenOqkohprwh

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ