3b7ba417bd18859172b0ff2973244f38_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b7ba417bd18859172b0ff2973244f38_JaffaCakes118
Size

11KB
MD5

3b7ba417bd18859172b0ff2973244f38
SHA1

520515a03461744daaab4d8c1535bd20b36d1e60
SHA256

92141b885d492be7eb73680e029b837f3f650c64089a2e5ec723a004de054fb6
SHA512

1e5961dd9e1cdaf6a22f6a48850d90991f955ad2713d95c6ce9b7277799553a3b085ae7fb7b3808000255fda9a5e3a7f6ff11c46076938d2fd082ec43c5049c5
SSDEEP

192:nrpXRSOhUJaQkjFeKzvVlqgkJ/5EGVDFMb+VEfWmtFC940PbDaqOj:lXkO6UQkjF1NljgplFMy2/FC9/2qi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b7ba417bd18859172b0ff2973244f38_JaffaCakes118

Files

3b7ba417bd18859172b0ff2973244f38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 8KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

APmwer
Size: 54B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ