edf06d4049bebd5bc84852b7c2a05da3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edf06d4049bebd5bc84852b7c2a05da3_JaffaCakes118
Size

16KB
MD5

edf06d4049bebd5bc84852b7c2a05da3
SHA1

280a3264dbeeb719eaa40b78a92cfe82a4520b54
SHA256

24676e40d5a92d4e8f296279ff9000f1f50057040a3122e585c88ecd42dae8b4
SHA512

3efc6cb24162b37bdcf8574788f76dd5b06a0185c317b109e24e7dbb78d0743d9a37dfb0bda7b768af3ae7ff38a54d31aae8992224c1c3fd29bdff7a09747477
SSDEEP

384:clUBBgGL8K5gyvf09ObHmmlcjnP2QP4xzIshm6DiFXRK:zr/L82JRgTui4m6OFXRK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edf06d4049bebd5bc84852b7c2a05da3_JaffaCakes118

Files

edf06d4049bebd5bc84852b7c2a05da3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf3132895723e15c3382249685e23069

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.attach
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE