f26677aae07bdc7a190e4308c1ea323e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f26677aae07bdc7a190e4308c1ea323e_JaffaCakes118
Size

325KB
MD5

f26677aae07bdc7a190e4308c1ea323e
SHA1

3ec7423466f446c960e831b7f55c803816a65853
SHA256

73e45204ed0132a5e777015c74f353008fbb679ce9f8a1264080afdb3730c647
SHA512

e9a4bbe520c186df5bfa7e4a623f4b2b2f9ae298323f3cce4a540770d5ac88651cc95158269bf95afb1375ec01d6ca03e01301405b1eba80b27a5d35d82d20b6
SSDEEP

6144:JmlJDs08CYRl5P3GmJGA6XAnrCJJnvdBsZ2DSBMCD6GishveGIb3aOSYIrN:Jml9s08vR+QGA6o87yvyM/IbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f26677aae07bdc7a190e4308c1ea323e_JaffaCakes118

Files

f26677aae07bdc7a190e4308c1ea323e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

xXxXxXx
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STPack
Size: 317KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE