0f7aefab9f040da039a37f1befeed21d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f7aefab9f040da039a37f1befeed21d_JaffaCakes118
Size

32KB
MD5

0f7aefab9f040da039a37f1befeed21d
SHA1

cb477470fcac05e30053a3b1294d9c920c1f74fb
SHA256

6fd345c4ca60bc9db629ac6e3b69a90b1b9ed88690c8c71be7b6ed76b83accd1
SHA512

95179cecc0a889e0000cbc1d42fc06de241ec14b75ae806d54c58f5b27b71283d21133c44ee410a17680453b2dee1b56a6db75ab60846510e325e2ea351d6c01
SSDEEP

384:h4KShIz7Et/98EnvF/beEKuyVY3xXT4HdS:h4nh4K98EnvF/beFRYhXT4HdS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f7aefab9f040da039a37f1befeed21d_JaffaCakes118

Files

0f7aefab9f040da039a37f1befeed21d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t56
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ