5f46c09d4905a08f86b9c95dd509b09d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f46c09d4905a08f86b9c95dd509b09d_JaffaCakes118
Size

602KB
MD5

5f46c09d4905a08f86b9c95dd509b09d
SHA1

a7ea491f0c390f5cf25dba5a022dd061c9ae367b
SHA256

d506302840f9fd1624ae523f9ddb7f15155deb2063e2d8cc648b8d7bbd4e7f46
SHA512

f4f63c0e34e25622e55079eed54b32bd20950c95b6ac386e3e2bb52d4844a040102d5dc22f76cd0d34e7c6ae5f5dd07dbf4f740718785add15d7fc9bb7d4ac7b
SSDEEP

12288:a7edXRsJ41zkCxWtDPHhc/R/wTzpkXtf0HcffS2/r5eHTWhzDUHvV6i2GCZQ72:SshsykCxWtbqOpBHoSWr5ezWhfbG3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f46c09d4905a08f86b9c95dd509b09d_JaffaCakes118

Files

5f46c09d4905a08f86b9c95dd509b09d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2956c3907da62cb260497ca4c38641a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
IsWindowEnabled

Exports

Exports

BeginIsmlyamrwng
BeginYbntlyx
Iqpvgqkps

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.virtsec
Size: 1B - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 567KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ