42368686d1c665f18b666c4a44602993_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42368686d1c665f18b666c4a44602993_JaffaCakes118
Size

313KB
MD5

42368686d1c665f18b666c4a44602993
SHA1

4084a2d3ecfdc1177a914c7b7f95399502f6b5c7
SHA256

daf3863cb4abcc4fc07bd7124f9f8fcaf2dcd25c956fccbe5a8cbd99ee35d5e2
SHA512

5dd988b79af367bd38bb96c9a869194519e8c230cecf93ff145e1b458a54896fb4d4afd8f5602c12d158553bbc11ae77db189d4c0a1c03676971a69a06861ebc
SSDEEP

6144:oIGIeEI1fepZ5tdCL9dtIqu44T6x4rDKFKRPtriv9:/GLEI1OCLmdk4rDKkDrQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42368686d1c665f18b666c4a44602993_JaffaCakes118

Files

42368686d1c665f18b666c4a44602993_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.nos
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ