34435b0a645c69636df0cdc44d1ce3ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34435b0a645c69636df0cdc44d1ce3ac_JaffaCakes118
Size

43KB
MD5

34435b0a645c69636df0cdc44d1ce3ac
SHA1

e741d609dbb85b03e297302d2c7aed65516e7300
SHA256

f9a62ea6b5351e977a7b4fbf450c1063d9b365a578146507e93c0faa421d8e81
SHA512

1ff8a86185da450d5b9c73d289d68eea88d72f0ac093df89bc3865f2c4aca0a25caef87389230fbeb595503b057b29db7cf8252b29a85453cf2a395103eaf57a
SSDEEP

768:iNT5ySkM2cZymzHkca/Fhh6KhScCDLg0BhlNLlfx8e2QVN5F54YQsxkj:oT5q2nHkca/FhcKh1CDX1lz2wzJfxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34435b0a645c69636df0cdc44d1ce3ac_JaffaCakes118

Files

34435b0a645c69636df0cdc44d1ce3ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT2
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE