5ef5a1241a0aac8598fae1ffbed45984_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ef5a1241a0aac8598fae1ffbed45984_JaffaCakes118
Size

26KB
MD5

5ef5a1241a0aac8598fae1ffbed45984
SHA1

1183f551ab8d5622e0dd9705c0c3a1391db9f2d3
SHA256

13f67010deb5ff33b9a3f2650c28d70a1a4017c16f9c9fd665bf648495bffa73
SHA512

b353708bde81fbb83d013b613424f3c9b74ad4a862d9b4fc1c387d9598d02004cba07bad7ee71d260891bc8c64e70ab1f5e59d298277aef4b81033a8dd792c0d
SSDEEP

384:I+Rn1A45wV0J+5M20HPeugPdru5FS+Mj8CL8vC1meDqO:xzLhxeuYFCS+wL8vWmeD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ef5a1241a0aac8598fae1ffbed45984_JaffaCakes118

Files

5ef5a1241a0aac8598fae1ffbed45984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DAStub
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE