e9b5391df6659f90c9576eb41157e882_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9b5391df6659f90c9576eb41157e882_JaffaCakes118
Size

19KB
MD5

e9b5391df6659f90c9576eb41157e882
SHA1

d1afbafdf402b6e7fec386b1f08ded8cf919ffcd
SHA256

cc4c9f410a0613b750b89fa7429a6f83d24d9145d92e7397c3afe965ce3fb49f
SHA512

02d6198c42c73b4b0bec58086dd59607f87930d2cc2634bfe46122acfaff4665590c5144a14d1d25668373a868689a496d535a1db7c6350785af3bb8bafd3e83
SSDEEP

384:1DQcb8I7FKksbOJsA/7KOyvyFIrAl0gB/lJQRot0Uy:1DQoKB7AHIclnZlJQCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9b5391df6659f90c9576eb41157e882_JaffaCakes118

Files

e9b5391df6659f90c9576eb41157e882_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e801ae0bfa5ddae53248739a9ab725c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateThread
ExitProcess
Sleep

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ