5b03375d2eee267abea8c900f34545b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b03375d2eee267abea8c900f34545b5_JaffaCakes118
Size

75KB
MD5

5b03375d2eee267abea8c900f34545b5
SHA1

abb94ed207e434e90aecd93b2c537f951cba344e
SHA256

53ed0a56b8f26911559ebe9b9d6b3d731b2a64a5ad799fe747f6238cbbcb9553
SHA512

8e98beff79f8fa2422a7b88fa8943ab9099594b339d7d414ae94592ea7ff93449605de0dbd79c8c9593ba8927e1cb5d1fb7d8dd0a79d42df0edbad72d9288418
SSDEEP

1536:Jc1cv3/LYx75opcgv7kyOXLKywGTEPMpX0hNtZ5os4kd/c:WaP/kR5BEoyOXLfx01r/c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b03375d2eee267abea8c900f34545b5_JaffaCakes118

Files

5b03375d2eee267abea8c900f34545b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.XVrX0
Size: 10KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XVrX
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE