27840ad644f5e01eb405def0ecbffd59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27840ad644f5e01eb405def0ecbffd59_JaffaCakes118
Size

116KB
MD5

27840ad644f5e01eb405def0ecbffd59
SHA1

a05c5fec4bbc283f95b51bd94eeb7ff1214286dc
SHA256

bdf57b99450fbb5429201a98c991b797c6bc88f66623ec4fefa05876b519da28
SHA512

4afca8d8f5953b8f2a9db5d0b91d0666f848e1b71c6792e83c06342fb380802f103ae7b1cd8fd43d02bf883b44186c3bb2a28a41167e7dbe78eac272ea31a9be
SSDEEP

3072:ogrjhffeSZeqYCt4EKwx4zttwqcx61sw3To+ltzX:pZffeerYCaEKHzLcx6n3ZPb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27840ad644f5e01eb405def0ecbffd59_JaffaCakes118

Files

27840ad644f5e01eb405def0ecbffd59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ba60b17116955c87155c7b797c60617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW

psapi

EnumProcesses

Exports

Exports

reqwqs
sfdbee

Sections

.text
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ