0e19dfcaae6149adde9e621a5842f49b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e19dfcaae6149adde9e621a5842f49b_JaffaCakes118
Size

116KB
MD5

0e19dfcaae6149adde9e621a5842f49b
SHA1

5b68cd2cb22ba424bd48af0bc168764d059899aa
SHA256

6a83025d9c7349ac9081a7d9a9890f5ce46cf187f01b9984fefce70fe97cfda0
SHA512

1554ffb82129b875cf90dc00879cba69191971fc24e48baf01a1edf301742edf70b0f351f9994f349d6b36acb48601143e046d18d875c9f815641a29d4dcb59a
SSDEEP

3072:rzSGGowXaGVgzXmeyEKSRIkpH0ftejc7uTNMoHUyN5:N3CVgzXmkUkHkl7uTNtl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e19dfcaae6149adde9e621a5842f49b_JaffaCakes118

Files

0e19dfcaae6149adde9e621a5842f49b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ba60b17116955c87155c7b797c60617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW

psapi

EnumProcesses

Exports

Exports

reqwqs
sfdbee

Sections

.text
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ