f4c3e29f135f6f4ade643d8420c3239e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4c3e29f135f6f4ade643d8420c3239e_JaffaCakes118
Size

484KB
MD5

f4c3e29f135f6f4ade643d8420c3239e
SHA1

443945638ae858562f8e6c058ab6f0f848ca26d6
SHA256

faffd8f63eff9511cb301e2cd4443bcb16aaf04b73ab12a77428712c79da3ed8
SHA512

25f01a7ea92842b52438a5cf0ed1cfdecfbf55cf418f838592a833bbc9bcd7b9952476479038ab704e13058f8f7072704bea00afe899c5b54f6320a46dba72ef
SSDEEP

12288:56lo17sVe6hAEguzAqoXGCrnEhcZyVOCZRv37pgkud:Ee7P6WCmZrEucV7ZtrpRu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4c3e29f135f6f4ade643d8420c3239e_JaffaCakes118

Files

f4c3e29f135f6f4ade643d8420c3239e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4fb13f9b503d438c76f85bc843da12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
GetCurrentThread

user32

GetInputDesktop

Sections

.text
Size: 476KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 321B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE