4bfe20db2ef94fdace485ea582ef1a0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bfe20db2ef94fdace485ea582ef1a0f_JaffaCakes118
Size

62KB
MD5

4bfe20db2ef94fdace485ea582ef1a0f
SHA1

7d99ba0686e7772ff511d6256a0d50fef70aa6bf
SHA256

182d2bdf71ef8ca5759fa55bae4faec79867bf83d4467d275fd5fa9e264960e1
SHA512

6f22c8cdbbd9ca03d764d39016ba1edb8f06116127adefaee5ea46a90580706cd41cc0e26102c9c87207947e0afa49d4a2e452b3920cc919fff5c73bd3069af9
SSDEEP

1536:s7AIDPTiJ3gqXP4LPzOGopaD655i2lYB5sTtW1IeTh:pb3ZPUrQoi5i2lft25

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bfe20db2ef94fdace485ea582ef1a0f_JaffaCakes118

Files

4bfe20db2ef94fdace485ea582ef1a0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 31KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorg
Size: 228B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE