390f3973d203bae6ec71f967b02502e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

390f3973d203bae6ec71f967b02502e0_JaffaCakes118
Size

13KB
MD5

390f3973d203bae6ec71f967b02502e0
SHA1

1106e7a9db22a5b17167451d2fcf61fc1e99f4f9
SHA256

aae728d6be03e98a19404a49583eb1c97dee0d314fc4cbbd912e443e790cb2c7
SHA512

bf182a53ae3d7d13114be887b769dfdc7690374459c201d12b865bcee0b430d735ec84f8423147c8a92cf284deb5b0868bc4835b661d15d3cfc52a3199dce016
SSDEEP

192:wt1wOuS5fb04qFbi0n76zvUaTn9z3SI7VWEB/MOHcflUJkq8lY:wkOuUw+076rf9z3n7sEVMsklUr8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390f3973d203bae6ec71f967b02502e0_JaffaCakes118

Files

390f3973d203bae6ec71f967b02502e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

119ba01abad812c4a461368344bcd6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
RtlZeroMemory
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.pepsi
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

n-coded
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vrs
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE