dbb207f2e80c2dfed39597a40539bd9b_JaffaCakes118 | Triage

Sharing

General

Target

dbb207f2e80c2dfed39597a40539bd9b_JaffaCakes118
Size

140KB
MD5

dbb207f2e80c2dfed39597a40539bd9b
SHA1

1409ec7f6a72e167c2353a5800cf1d47eceef7d0
SHA256

c5b4a36ebdb894e55eb1a0ce991ea8e4e72d86d0945977b892831d7d96d358e9
SHA512

a50aa1af17fc47b8fef2100207c20a3ad65e689430b76b8f4646c7021306d7c86d86a24307a999b66f252a954a912addd676375d0d778393e063a5fce77ed310
SSDEEP

3072:sYKGtWxuFs4Hx+vQBPjP6JAhHaD3y6PEEVAkPNJX7fqg1:aG8x67xDBPL6J2HaDbJ71

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbb207f2e80c2dfed39597a40539bd9b_JaffaCakes118

Files

dbb207f2e80c2dfed39597a40539bd9b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

844ca51b06c05d2a27f504258a831246

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
OutputDebugStringA
lstrcmpiA
GetModuleFileNameA
GetTickCount
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess

user32

MessageBoxA

shell32

SHGetFileInfoA

ole32

CoCreateInstance
CoInitializeEx
OleInitialize
CoTaskMemFree
CoTaskMemAlloc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ