418b1b64aee3a611fe27605642da02f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

418b1b64aee3a611fe27605642da02f9_JaffaCakes118
Size

55KB
MD5

418b1b64aee3a611fe27605642da02f9
SHA1

99115dfc6d86e9b8d64aad12cc42169b0e2d8f7d
SHA256

5d460a18b6dae6ba023ccd5de7e0d45fbb389a4709fa97dc6b6455631f17bd6e
SHA512

e7c94c724258ea54180896fa542662e294c0f394f7b5e42d28e2c81feb88d3e5aa88211b95acdc0b04dd6045d7c1f07419ebea95975bcc5bd7768c439ca891bc
SSDEEP

1536:VnFI4aTmc5wrF/wiXm2YlJRaZnFJ7k+PynA:VG4QmTrFYiXm2YlJgYm4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
418b1b64aee3a611fe27605642da02f9_JaffaCakes118

Files

418b1b64aee3a611fe27605642da02f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a798933258171132c6f7a89933a27bf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

Sections

.data
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE