f417d939b08601f7917e3563c1de309d_JaffaCakes118 | Triage

Sharing

General

Target

f417d939b08601f7917e3563c1de309d_JaffaCakes118
Size

48KB
MD5

f417d939b08601f7917e3563c1de309d
SHA1

04b2e7985bbb614fdd36f91d819ef8ccc17adbba
SHA256

06279512eeb149d3b1a4dcd2355c9e3a314d8dda6d2f00b1a4951b06e5b62dec
SHA512

0ea7d30ca7ff63946075fe2c8169bb124c99daa6206fa4b1654cbddc267452c4b35a4a6b91431ad324634579c0775652fbff8eb440164121571daadf1f992f02
SSDEEP

768:Lbp7TLaTVe3sHK3XWSrVg94Zis9SISSAHvYKO6M8eAu0ABr8ewSBbC2jFwIjlbja:Pp7ieUEXWreQJ1eJZ84rRwL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f417d939b08601f7917e3563c1de309d_JaffaCakes118

Files

f417d939b08601f7917e3563c1de309d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT2
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE