5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118
Size

1023KB
MD5

5c81616e2f0e9c0f6b303611db8f4c64
SHA1

c678e3d8429c4afcf24e20d3e8b3cfce5ce1a6cd
SHA256

227e0ca601837851c181bd3019c676eb3bd3730568e6262ee625132fff7e16ca
SHA512

3563d183a037d939a704a2d5c26364bcb3f9c7f503df9564f3e538aa31a148b50462d51a5e89998cfb496b92adc13db223e0b204f8dda06b5aaf5fdda0c88f06
SSDEEP

12288:kFvjWaX0wPSiITt6XzgbngiDWrSVjxuWwzadJtExvaWOiTI7oGBg86PsYO8VZJ4q:IqKpI6GDWrUjxKaEaMCbKZMg8sboFi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118

Files

5c81616e2f0e9c0f6b303611db8f4c64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.nos
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ