4673f9d6838f9024892a0b72e499caf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4673f9d6838f9024892a0b72e499caf9_JaffaCakes118
Size

22KB
MD5

4673f9d6838f9024892a0b72e499caf9
SHA1

71575bac54adcd101d0ca87c036e21d74205eff5
SHA256

6e0ce03fd5182a721fed4bf637255ceb593750ea9c0a1c33d43972158c09824b
SHA512

23f150273f3190bdd2940793a69c548e4cf0085f4df602635064df7d114db39014793d1d501a88715f27f2bce22f6649cde425bcecfb31fd3ff3c178c6485b2a
SSDEEP

384:tyNRJ0b8iSeN8+wnSmqD827E8cXsBzNnbwVhrAmAu/edCz:tJrSeN83ny82Q8jzNnbwVhcB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4673f9d6838f9024892a0b72e499caf9_JaffaCakes118

Files

4673f9d6838f9024892a0b72e499caf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9f2cc673e99f556444ad901886c064a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
LoadLibraryA
Sleep

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE