394f677fb3ca7bfec01a9ab9c99b42cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

394f677fb3ca7bfec01a9ab9c99b42cf_JaffaCakes118
Size

16KB
MD5

394f677fb3ca7bfec01a9ab9c99b42cf
SHA1

72d00ce45d3e1d462cee8849524b3354eae77c2e
SHA256

d1964605bacee87d78e6ba7bea5fbfa52a1e269da349dfcba5c0a8bc3c387e0c
SHA512

6a1929663c1faea196deead613bf40df58c32542f2cf3b5d894e90c89d7697331a0b9583fec8618edc219bc95fcb487b999afc75805a0055b2c263c6779fd8f4
SSDEEP

384:M6eD2YvmpSmJeSB4DSB5OCOsu7vutEKPqSdJWA:1ehvmpXJ/q+B4otPZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
394f677fb3ca7bfec01a9ab9c99b42cf_JaffaCakes118

Files

394f677fb3ca7bfec01a9ab9c99b42cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ac37fddc75408625d1b9b93636068b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wvsprintfA

kernel32

VirtualAlloc
GetProcAddress
GetModuleHandleA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ