2527bfba0be1089982519409c4fdca2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2527bfba0be1089982519409c4fdca2a_JaffaCakes118
Size

138KB
MD5

2527bfba0be1089982519409c4fdca2a
SHA1

366a9ab55770e56051716287e2ccf84d3a30acc0
SHA256

21655a34707aea54eba167aa94851d21972809cd6d1f1e2da661961e9e8f5526
SHA512

7209bb9390d1ab33ab722f7b7e99537ae2d1b4f87fe981b492e1605f9c82847b08d694156ad36418b9b38d212f5ce0700e6209a4575c110d189246e480c10d7d
SSDEEP

3072:SMKKy2IGmoeZB1XuqnA46lViyoNo9dOOGovKX28k8:vK2IGmtBtuqA4e+adO28J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2527bfba0be1089982519409c4fdca2a_JaffaCakes118

Files

2527bfba0be1089982519409c4fdca2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rawdat
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE