386b8748cba44dcf679e83041358f7cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

386b8748cba44dcf679e83041358f7cd_JaffaCakes118
Size

4KB
MD5

386b8748cba44dcf679e83041358f7cd
SHA1

c8206db4f01492eaaff30bd94f90d3dd6325102b
SHA256

79794bce35f7be8b474cc3c387fd775903d5a3e17f4c466568dd7a0c8ddd9444
SHA512

ecaea6f25c50e43f2c9c5abfa36f7061d9c41f278eaa11140001d453f815f6ec68fd82a0a19254d0fead35db5c6c37ea36537b85dbc182f480cd5f8c867c9dfb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386b8748cba44dcf679e83041358f7cd_JaffaCakes118

Files

386b8748cba44dcf679e83041358f7cd_JaffaCakes118
.exe windows:1 windows x64 arch:x64

104e3844f7d26941e527c62603133eee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
VirtualAlloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE