0cb703ff479a27b69148121b89c73671_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cb703ff479a27b69148121b89c73671_JaffaCakes118
Size

20KB
MD5

0cb703ff479a27b69148121b89c73671
SHA1

935bdece21403554dbec34968f06953e9d71d361
SHA256

f2f19bc4300ce443d8019dd31ec39d625553dfa61cb56a554e5086adaf444bee
SHA512

f77692c68ced928baee3f1bbd5af6fb1e07e3d4a9b99ce265dd0d8e7921eea1e4049cd77907e860059adb25dedde0c39f178ac7b48464d51af8433c8dfea67f7
SSDEEP

384:9Pofh9PbzjYpOmOodXGscjlbRILDKOb2GzCN2EWDKLpR37JodjAmyMvzP:9QfXrYdmh+DKOb2N4EzpZmCMvzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cb703ff479a27b69148121b89c73671_JaffaCakes118

Files

0cb703ff479a27b69148121b89c73671_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8111320f794d9e62a7ffe5d84bed59a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc

Sections

okpack
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

okpack
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

okpack
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE