46b9afda80dbea701889c6ac1a25649c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46b9afda80dbea701889c6ac1a25649c_JaffaCakes118
Size

74KB
MD5

46b9afda80dbea701889c6ac1a25649c
SHA1

2905ebc9322f06f82dfcd17e3c70ddf56cead289
SHA256

76d046a916317dfb5747c8ff63a3bcf357e42a0cc4e8c1cd7f6cfbb23c47c91b
SHA512

338f79ad28d1a69f29a3d196112a517b52510269373de0f420d5e5fe4e0c107b40a3014385016bd62e610c076690f574b6ae71a14635bebb75797ec3d60aea09
SSDEEP

1536:If63Q54kaVUlzxRk61Oc/Wa4g8CLM4Lp5Jop0s6ZXKqVKskJGo6Lsj1J3+zMy0:Ip5l/kMOc/fhM8pE0s65KqVmJ681J3M8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46b9afda80dbea701889c6ac1a25649c_JaffaCakes118

Files

46b9afda80dbea701889c6ac1a25649c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b13545902a33a4fce97c4e9afd63445d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

ord696

Sections

pec1
Size: 68KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE