4ac06a6c8b3095eb78d0a587856823a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ac06a6c8b3095eb78d0a587856823a9_JaffaCakes118
Size

227KB
MD5

4ac06a6c8b3095eb78d0a587856823a9
SHA1

fde91e79660431615d6b3d19773f8021180e617b
SHA256

2a15c8a4aeffe92a4a5981dd16733b6a3c8e84f3b8ee3c4e7b52069cc6c4a67f
SHA512

f59cd8ea504384fe6d2937bca0430b73866ecf64073128275a9bff3cd6d97082fcf752dd60dcb7ce980793fb291852389984bdbb1c543463394c301dbf3759ce
SSDEEP

6144:eP9MLti90apwQiusxD5sISSe/gRHl55vkurX5aw:ESi90apwd55re/gRHl55vkCJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ac06a6c8b3095eb78d0a587856823a9_JaffaCakes118

Files

4ac06a6c8b3095eb78d0a587856823a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2363336cf20259c4f02895878618389

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
ReleaseSemaphore
LoadLibraryA
ExitProcess
GetProcAddress

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ