Static task: static1
Behavioral task: behavioral1
Sample: 5dd32006c908f874f653443ccca9b478_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5dd32006c908f874f653443ccca9b478_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5dd32006c908f874f653443ccca9b478_JaffaCakes118
Size: 1.0MB
MD5: 5dd32006c908f874f653443ccca9b478
SHA1: 9e445df59c9d3d7a80fa945a7ab5c7912b5095db
SHA256: eaec84f3598bf0c4f804b8564f9730f0e2892fb526bbf9c728f5c629d287807b
SHA512: 7f8890fdc5ab96ae43a0d765493efec96ffeb1e3a8d4ee4c235f4258325e9700e83751f7eff530f16bd8fc0dd2bdd0fc81340180b34f5817222bd412bc9368a3
SSDEEP: 12288:AOL4KI6H/U7IkopEIpDLX+S1jgEUVja2VRgphW34tTzSwP:AEK6+I7xv7j3Z2/0e4Fz9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5dd32006c908f874f653443ccca9b478_JaffaCakes118
Files
5dd32006c908f874f653443ccca9b478_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
_'Kw['Qj Size: - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
x8*Aq1Lq Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
u'Z&#(gq Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hOwr"^`L Size: - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
<1wvYj$1 Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE