5bac68a3ff44f3281ae5a0f9f16579ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bac68a3ff44f3281ae5a0f9f16579ee_JaffaCakes118
Size

9KB
MD5

5bac68a3ff44f3281ae5a0f9f16579ee
SHA1

cada7984ceac156cccf09e957c669003898a7ffc
SHA256

515c0c74dfcf38fad99d8a22a3c8c8d5ee12b0a78ba50a2e30db333af7599988
SHA512

e174bd26392b844874453251dab7ffb7f3ce0a978733071ab35a6a3db075c2d94d132c85d3098e8ae557272333eb54e7a9a492ce56864e8193c5d88f5c3167ab
SSDEEP

192:3pwlSD99LZun3JgnVkF/IYF0BPl27CTt2El98u+2K:36laC3OVkFMPlOstJL8u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bac68a3ff44f3281ae5a0f9f16579ee_JaffaCakes118

Files

5bac68a3ff44f3281ae5a0f9f16579ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8fe8b594b34b91e0bf9c4377031c33e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
WaitForSingleObject

Sections

.code
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ