1c2b400a6897827e6a5a6e54b6176bcc_JaffaCakes118 | Triage

Sharing

General

Target

1c2b400a6897827e6a5a6e54b6176bcc_JaffaCakes118
Size

72KB
MD5

1c2b400a6897827e6a5a6e54b6176bcc
SHA1

faa591eb6be54e786d8b2e9db7e554d3d2a4b84e
SHA256

1baf3988b726e5a1cc3e4a8a0cc3441b8a401e19cc17d5d60e06624e10afe3dd
SHA512

ae17ff48d4fb690110fb717f18bed4bc0427a89c8b00b53075e76719186cf38ad21366c31c49a84fc6f5c6aab784ddbc9f98f80ce04ce9a877c820675fa84f4e
SSDEEP

1536:oMl/+b9hWaCPbX3XWrGgLfDQqdw4mgfNvJmdjNkr7+:tN8n+bmRDQf4mglvJmFNkO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c2b400a6897827e6a5a6e54b6176bcc_JaffaCakes118

Files

1c2b400a6897827e6a5a6e54b6176bcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.XComp0
Size: 44KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XComp
Size: 814B - Virtual size: 814B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE