42a25eccf0c170d1ace5fb8645b054d4_JaffaCakes118 | Triage

Sharing

General

Target

42a25eccf0c170d1ace5fb8645b054d4_JaffaCakes118
Size

383KB
MD5

42a25eccf0c170d1ace5fb8645b054d4
SHA1

c867cfdf2e087bd0f5791e2fbaa830b7c517d5aa
SHA256

72bfd5f144c42db3528d0208f2a6c23fe88f3d39134c79935787c27446270d2c
SHA512

0b5ad52a3676e2e15e8e42860d2a38d7a61fa1941d395c2dfad191b05426a51c4787a9ec2adfcdea796568bfe2bd41108aeefe1a8eed6e9d5746401a7c34d1a1
SSDEEP

6144:a4Dr9JATKUel/8AemBbDPdon4jflXrBjgPTHRwB2W584QpWBXo8J1pmTGc4cTTgK:a4DrQGB7bZocflXrQxwHXQUBYymTdPXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a25eccf0c170d1ace5fb8645b054d4_JaffaCakes118

Files

42a25eccf0c170d1ace5fb8645b054d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 378KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ