493c8df3f42fd2bc4e90763b671ba5cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

493c8df3f42fd2bc4e90763b671ba5cd_JaffaCakes118
Size

600KB
MD5

493c8df3f42fd2bc4e90763b671ba5cd
SHA1

f1392d17733aac3b574bfd326192fa1ddc9157a7
SHA256

2bb3765479c0099bc2b2df21bdbb4f75c939cb3a4398b8176b1be70775ddc1e6
SHA512

6eff1b296df31b5a7874f94f16c474630f4e04a5b88ccc0b0b933f4a7839875e33a135bbc91899ae3cceabd224d9502ef6e9bfa9d2d1d9a428d442ce7171b58a
SSDEEP

12288:vr8KDUBmNAkbQGFOgZFxThCyCs4QL08CkLYlAsILGpGMRrJhEah:vr8KDUOAkbNOgZFxThKpQIQLYjAMRrJR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
493c8df3f42fd2bc4e90763b671ba5cd_JaffaCakes118

Files

493c8df3f42fd2bc4e90763b671ba5cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 599KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ