2e0a5a5715b316af91ae14996a08e015_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e0a5a5715b316af91ae14996a08e015_JaffaCakes118
Size

132KB
MD5

2e0a5a5715b316af91ae14996a08e015
SHA1

a89dbc6fccab3f139f32b541f01b5521815568f5
SHA256

0c499bb3077aead422353ccbb98ac8950d52b30455d66393cbd684e5cdad7d1f
SHA512

c3cf913f146c877443de0ff5f4d6b504fadf3174aa955a2d0098a89233361085a74a8467ba37ccea73cb058611d153b7cf23dbdb305d27b5ca02d1745a139b9e
SSDEEP

3072:7SDzDomPPvWZCdVLG+6n38dixdp1OL9NdCWOAsWy7A:WTvvWZCTLG+63misdCJ5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0a5a5715b316af91ae14996a08e015_JaffaCakes118

Files

2e0a5a5715b316af91ae14996a08e015_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99fc69d43b9cd9fe874a0947318e4eef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rawdat
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE