0c13b359d8486e53129768a8062b31f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c13b359d8486e53129768a8062b31f4_JaffaCakes118
Size

10KB
MD5

0c13b359d8486e53129768a8062b31f4
SHA1

31fb974ed8212117f0ae2d0dc73a8fa255ef8f77
SHA256

94319a5e5318cc60f49243a729267c323f119b67a8684d5eafd7b52d0a844286
SHA512

ddff702c8613a28767c3b2eafecc23f05bdfb30eb02b59b6486317c5c57c049b17cd631def97c42db14bc04f115612ed49f647691fc5a71e0c290f5776a365cc
SSDEEP

192:swJMX6KUptZsJKrlH6XJQbYfupqgUqS8YeH+n0yD17zx3tZOReYUe19QxK:swJMKDp3jxaZQbY2Y5qS8Ye40K1R33Y9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c13b359d8486e53129768a8062b31f4_JaffaCakes118

Files

0c13b359d8486e53129768a8062b31f4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ta
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE