49ea81411d70331777d9b9e486e961aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49ea81411d70331777d9b9e486e961aa_JaffaCakes118
Size

176KB
MD5

49ea81411d70331777d9b9e486e961aa
SHA1

27bb39286483aabfd8d174edd21adc0012918e9a
SHA256

4ff18e172aca5085c9e2abd0be100caff4fb75b6068daa329bcd60fa81b3f460
SHA512

365ef07c8bb962bec5fa6115195e953364cf8b2ac53ed3f57e6f6a67a53ae878a096e3ea3a28cf4dafceaeae809ba41835b9d4cbab20da57c76b1b7ebec3a844
SSDEEP

3072:rtgLXqZgDkE1B+o8gnLSwqO64K8/WrmcLh6xM+5g5EUxj6Em5ZPPqluDVy3:JG6gDkE1B+o8qLvqz4925+qELt5dPvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49ea81411d70331777d9b9e486e961aa_JaffaCakes118

Files

49ea81411d70331777d9b9e486e961aa_JaffaCakes118
.exe windows:0 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

Size: 39KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 67KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mini9
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mini9
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE