02f6d66186593e85dbedb03a725cf831_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02f6d66186593e85dbedb03a725cf831_JaffaCakes118
Size

500KB
MD5

02f6d66186593e85dbedb03a725cf831
SHA1

aa4f37ae0c39906912b826992c0e4fc414d99481
SHA256

de9ad17cb1d951c964138a9487e8fa63eb5dd5c252fd2b673216c11c30f67c64
SHA512

cbef5bbfaf851ab0ac729275680932da319cf3882254299d1f083cc0257666b148832dfd8036dc6a133025c6a4186e781ad8a8afa5787bd1b9362ce8cd9fa2dc
SSDEEP

12288:QiZAM4UXBOsYqjV12zC7LHgQ6mSLWZulwgkdnz2:ft4UXBOs9p12zm7D67Lena

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f6d66186593e85dbedb03a725cf831_JaffaCakes118

Files

02f6d66186593e85dbedb03a725cf831_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 912KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 495KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ