4dd86f3126c6672d5bddb20dc336e0dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dd86f3126c6672d5bddb20dc336e0dc_JaffaCakes118
Size

18KB
MD5

4dd86f3126c6672d5bddb20dc336e0dc
SHA1

c41cb18acfb9fd1d7bb6362ab3b27db1ea427020
SHA256

1ab49e455177967b3d740dae63c925a2d9c385a0a820b315e0a0c8c0dbc01a82
SHA512

38093ccce79e9971409256df28f9fe2202a255dd5bda92aa5b3919c3c61643f43e0409e49ab8940d4af8e258c5ed37df10a4fb259a3f0bedee0b0da55448788e
SSDEEP

384:7xmb80Ucn7vqhek/iiQYHUVcDFjIPJKCm++zJnlns7cTt4hDAyBR:7xf3cn2/QYHUuDBKKCmXHlTQAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dd86f3126c6672d5bddb20dc336e0dc_JaffaCakes118

Files

4dd86f3126c6672d5bddb20dc336e0dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 15KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.topo0
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE