2de7e2eafd37618ff66509f381f04a27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2de7e2eafd37618ff66509f381f04a27_JaffaCakes118
Size

4.3MB
MD5

2de7e2eafd37618ff66509f381f04a27
SHA1

93d1f8b74fcf3f17d24ac60877402a0a53c6d385
SHA256

b72cc61cadb0d43a1722d2b63f5226b15b77eb081571906c0160afcb7a0078cc
SHA512

f944b603f217d41e98645dc32e0e8cd19c6cfe322c0bb429ed94d6c200dad78aa1055f0b73ee94ec71b68c3a4bd4234a1e99cf90085afcd8042cfb3ca717aa04
SSDEEP

98304:0K4ltjykCDOQyfL0fXEL5fookCzL8APeeXqj2ehZCz:BAtekCDWAfX05TkCzAAPVXk2Dz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de7e2eafd37618ff66509f381f04a27_JaffaCakes118

Files

2de7e2eafd37618ff66509f381f04a27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94c7366d739e7bf962bb011f2c5fab76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
GlobalAlloc
ExitProcess

Sections

pcs1
Size: 451KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs2
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs3
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs4
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs5
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pcs6
Size: - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pcs7
Size: 3.8MB - Virtual size: 14.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE