0a98706db77779bc6991174bfeea4719_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a98706db77779bc6991174bfeea4719_JaffaCakes118
Size

1.6MB
MD5

0a98706db77779bc6991174bfeea4719
SHA1

526fbbef5c76debc2b4fe224cf98cd3c94df6716
SHA256

64e2637c7c82091db883210e8b0e73843e60407c5aaaeb406d8f68bac32b34f2
SHA512

a547bee8aefbb28eaefef93a1699213ce529973d0dc05d6dad7a03c48f44ab2b56c3c9f0543398feca431379ec222cdaa71c2449bd481563ea3922b6fae56177
SSDEEP

49152:dLZ3lDmMsLcSxt41NbbbENb1uX3S2xl6X4QNzo4e:z5mMswSxt43zypCl6oIk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a98706db77779bc6991174bfeea4719_JaffaCakes118

Files

0a98706db77779bc6991174bfeea4719_JaffaCakes118
.exe windows:4 windows x86 arch:x86

394b3e18e03537a1c51f949fab757567

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

MethCallEngine

Sections

pec1
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Sm0kes
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_MEM_WRITE