476ec94799853665c9a60208da3e745a_JaffaCakes118 | Triage

Sharing

General

Target

476ec94799853665c9a60208da3e745a_JaffaCakes118
Size

21KB
MD5

476ec94799853665c9a60208da3e745a
SHA1

719788a62d9da8be345cd51eb5725c660123bab4
SHA256

f880ef7d8c692d83aecf1c3847eeb75f33458c37080b791b9750c8ab7f140509
SHA512

bf440478cea65f04e0cde59402eb6020087d27c8fe0150979f792a03e03e080a31565a9df12b32e21ac5b2c99a479e22d4967e7ed07e317b6340655b82bd65e5
SSDEEP

384:TB5xgtV2sjWL/BROPlQcgjTwMYFqmMPEINsRtRp:NTgWbLePlQPEMYFnMcI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
476ec94799853665c9a60208da3e745a_JaffaCakes118

Files

476ec94799853665c9a60208da3e745a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE