59ff018365e9f0cb58b6c1c3a932662f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59ff018365e9f0cb58b6c1c3a932662f_JaffaCakes118
Size

419KB
MD5

59ff018365e9f0cb58b6c1c3a932662f
SHA1

611a5ffab92209f2c407fe21647e403af689d11c
SHA256

877358262c7cd8195c731ce603593b4a124f2226b890c0dbf0c6c499d47ddfee
SHA512

6049f8d9a5442b54b6a5a3f3147b6c00b28b7ec3a4b24506b81673b1a1871ea05012791a5d41b7089fed18f5a0426aafa78c6fa05474d3d81073aec6c884d680
SSDEEP

6144:URG1EEmLyzJwzX26aHxc01aBANZ87J5iRe1YIdOfB14rQSlXjgIdH2nCkA:URcPwzX26aJNNqJqeYqU4k4oCk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59ff018365e9f0cb58b6c1c3a932662f_JaffaCakes118

Files

59ff018365e9f0cb58b6c1c3a932662f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

Size: 282KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE