27f48cfa657417831959d9812d6df7ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27f48cfa657417831959d9812d6df7ec_JaffaCakes118
Size

93KB
MD5

27f48cfa657417831959d9812d6df7ec
SHA1

c89894cdfd7a127e604744b7dfa31a3c39ab45d5
SHA256

ca64a21b2a5481a25bf45af3175453846f2e0ed3f3edbc10e3df5c2c4714cae0
SHA512

e644a3dc2e45b5295c6fb299c245ac8e093da26f9cd7d69c6f08de8a4c88dc1ffd426fb303c1353189fdab2acc230e975e3f57d45205f716a068f605322d28ef
SSDEEP

1536:h/W9AO43gY2MrW2o6qcn/pRLqLbNtRef2HRLnYCtu+V1dTuWRzqCwAnBqfU3OcsC:h/WT4drWJYn/pERef2xkC4e1dCWLwAnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27f48cfa657417831959d9812d6df7ec_JaffaCakes118

Files

27f48cfa657417831959d9812d6df7ec_JaffaCakes118
.exe windows:0 windows x86 arch:x86

b8111320f794d9e62a7ffe5d84bed59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc

Sections

hmimys
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE