0fd3f217f47bf1f7211e61cb777043f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fd3f217f47bf1f7211e61cb777043f0_JaffaCakes118
Size

54KB
MD5

0fd3f217f47bf1f7211e61cb777043f0
SHA1

b95ecf01155273b3bcd7549917dac3033a186677
SHA256

2deeeaccf43233422c55f978b4ac7d536b32b9fd875a2d3357821e433a5e843d
SHA512

476d4b2e1e20b56cf5d953f705ac1a8688a276154eed8209baab9710e1bec55e2a56ef329ff1cf1ca3be525298e755c669e4c8257a905bd109d1172a4dbd2031
SSDEEP

1536:3BOPI5mHtzapnYX4Fo9ocjde+V/2LsGps+cWir:3MPImHtSnWyof9XMDlG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd3f217f47bf1f7211e61cb777043f0_JaffaCakes118

Files

0fd3f217f47bf1f7211e61cb777043f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 49KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

n-code
Size: 121B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ