5abf3715eda89c98034a142fe45adfa6_JaffaCakes118 | Triage

Sharing

General

Target

5abf3715eda89c98034a142fe45adfa6_JaffaCakes118
Size

47KB
MD5

5abf3715eda89c98034a142fe45adfa6
SHA1

12bb3882bdac54ab068eaab36fc0dfbfb99839ea
SHA256

27f880b7340f2e89d528bd1fc1914b1b9f83f94b03bbedfccc9323cd5143c237
SHA512

7ce3c74242d374d7e353670e4c9f31114c02d7b4749e80a68797a434d59acacdc88b085aafb9844073d6894d807c3da80a7b008c3c7e891f0b01f2f6260fc36e
SSDEEP

768:lcop02BKIjzVQtf4IokSZeunwyK633XHkQk4XiuQ8wDfLGe7xWHZNSlNJYsa/u:lcoOnIjzV4ecfwHXkQk4yuR8C4oN3/u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5abf3715eda89c98034a142fe45adfa6_JaffaCakes118

Files

5abf3715eda89c98034a142fe45adfa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2e198ce7e0c70f279233f4d2a4c01c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Sections

.text
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code0
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.code1
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE