5b135dc21f35cde563c7e4397dfc8ec5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b135dc21f35cde563c7e4397dfc8ec5_JaffaCakes118
Size

173KB
MD5

5b135dc21f35cde563c7e4397dfc8ec5
SHA1

e4950c48c6f5a84fbb2b9f43caae64bd833cd7ca
SHA256

7aa4d7ef0fdc0ea96d6ca189ca8a9ac1fa11d8e2f150905ca8e0ff9ed8dc3aa3
SHA512

f5aa1ca6ddca9002a8c9a33c91edbbc91250062efca534bba7ce46233e4eada7a0238dd2a5cc9916d1483b3dbb0a6de0c53c41234e21445230723c9b06ee64d8
SSDEEP

3072:+zsDeBLmJMVQOjK8jfD2qMGyBDCNWVm1:2vLmeVQQjL2XBBDCNF1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b135dc21f35cde563c7e4397dfc8ec5_JaffaCakes118

Files

5b135dc21f35cde563c7e4397dfc8ec5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d86eee5f9d576ff1bc452e9eeb5cf91f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetLastError
VirtualFree
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jwkkauu
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE