611dee966a5c48da53fc7e702ed1a00e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

611dee966a5c48da53fc7e702ed1a00e_JaffaCakes118
Size

4KB
MD5

611dee966a5c48da53fc7e702ed1a00e
SHA1

586159a1ed6c322df3e8efb7ad43f68adf476a52
SHA256

27d3182d106ff36ffada69bcf30c5f2bf916c8cf89e26c68528d50df6182b32f
SHA512

ca8ad32aeb87a95de7e3a6c4f34a467bfaac6bba28d5d149cb1a5b49ab06eb34f051258973acbb3c1cf740b0333b0a6d9ae78078995545561eb2b9e4ac34cb6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
611dee966a5c48da53fc7e702ed1a00e_JaffaCakes118

Files

611dee966a5c48da53fc7e702ed1a00e_JaffaCakes118
.exe windows:1 windows x64 arch:x64

7a56a438496d47d8e05d81471c185dbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
LoadLibraryA
RtlZeroMemory
Sleep
lstrcatA
lstrcpyA

wsock32

connect
send

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE