2796821175764e748e1a5d13227afaf5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2796821175764e748e1a5d13227afaf5_JaffaCakes118
Size

8KB
MD5

2796821175764e748e1a5d13227afaf5
SHA1

9dcb53724857f18003cea28a6a211205fadf17ef
SHA256

b6c7e40a3480e7acddd953cf23cfb6db471596ebaa89c7c5a1736ec4f883d1a0
SHA512

e276df8452a0d23ed430bb50acd0f6e0681bdc2bf356bd45a691341fdc95e91c0daaf37d8a1bb450ff6c70a18703515cd98d072cab7e14c6e7e3ed55d5ea0093
SSDEEP

192:KRyda4GIx3uwDAmcZa9VN95ThiUi8HO6Np8J:KRNPINuwDDfVdQuu62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2796821175764e748e1a5d13227afaf5_JaffaCakes118

Files

2796821175764e748e1a5d13227afaf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.sdaf320
Size: 7KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdaf32
Size: 968B - Virtual size: 968B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE