2d8a1564c5f1367d90a9f22856ebae39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d8a1564c5f1367d90a9f22856ebae39_JaffaCakes118
Size

112KB
MD5

2d8a1564c5f1367d90a9f22856ebae39
SHA1

2741d904024752b86da43628ea059d7aaed2a542
SHA256

619341d4ff733114c9465943ef5997d00afa3c70d74d9a97d15ff3b565b1128b
SHA512

a8926646c2487a09d5787bf663e19c2624c3742c10141e373a7f29c7be290ae9f0321cdee3c0e86f2c2534a147e73ec22d2a931b90504b1469b8d6b1c49a6023
SSDEEP

3072:pf6TBIJ/pVuBA5xUrl3aruTRCFvGVAhBksejI:WBIRpVgrtaruTRCFvG6BkVjI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8a1564c5f1367d90a9f22856ebae39_JaffaCakes118

Files

2d8a1564c5f1367d90a9f22856ebae39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

0
Size: 76KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorg
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE