27e90ee70fef4e52f425c3219f7c6b40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27e90ee70fef4e52f425c3219f7c6b40_JaffaCakes118
Size

83KB
MD5

27e90ee70fef4e52f425c3219f7c6b40
SHA1

0786dc3ec627bf9750a810b9e969442fd4e88e5f
SHA256

fc8912424d3f25c87430e0e070c2cca5abf83d25a6282716719297fad58c6cc4
SHA512

bd8baa623ef680daa7efaae552a712ab8d7c29540c8f90170523c54f850a2c4e7a62959dd862b80ad3e13696eed088b5f0b123b9302b8eec5b95a0608a8a0704
SSDEEP

1536:tFGc1cvUWbbLXp4tiWSNWF2EMw47rto7EXX6nrOP1HOHFAI666666666P:fPatbvXwihWF9Mj75otrO9uHFJ66666f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e90ee70fef4e52f425c3219f7c6b40_JaffaCakes118

Files

27e90ee70fef4e52f425c3219f7c6b40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa77d18b40072a7e1dc36630aafffd27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect

Sections

.NeW0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NeW
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE