305549ebb4be6613c76c5883ea5ada7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

305549ebb4be6613c76c5883ea5ada7f_JaffaCakes118
Size

392KB
MD5

305549ebb4be6613c76c5883ea5ada7f
SHA1

f8a711609c7f01e4e163a44250e8476716acb8f0
SHA256

f1d8b32d130e5fc89c0b1a0ed11100fa2486ca7e496e5328bcecb21bcdc86a61
SHA512

3985123fceda383d8258b820fed58287669605c3a769ad370c7766b4f845233c47da01867a3ebe4c4eb76385abad18870c8e233f1bf1bf4cc31d1b0e9b4b861b
SSDEEP

6144:J+e98aB397XmLHLbu7hQGfyjIStDzdr0LuWlXiaIo4Bdbn5M9SC00KKER8UHW:J+eCOXmva7hQnXQ1lXiVdr5uulKf2W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305549ebb4be6613c76c5883ea5ada7f_JaffaCakes118

Files

305549ebb4be6613c76c5883ea5ada7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5265396cce55c7fc139786d860943929

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToThread
GetProcAddress
ExitProcess
TerminateProcess
GetModuleHandleW

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ