617da44a4d662221ccacd7cfcd765647_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

617da44a4d662221ccacd7cfcd765647_JaffaCakes118
Size

138KB
MD5

617da44a4d662221ccacd7cfcd765647
SHA1

e86b75f896dea5e3b1e26e7cf394a3528232f607
SHA256

019a1d4962de8edb01887d85fb4401dd27e80952e02f7b67f6e72b3b8c02a7f1
SHA512

d974105e83123596c3da4b5b4db13bdf4fb369ad471ce3278d5a5f7b59b50c36148df3df24c020d3deec85c64813f42845589e80380126afc295c286d2981d3f
SSDEEP

3072:3cAB7K6FcI2NThqcdp51Z+3vlwyOKHe/TtcMUXc4:3cABJcIYZf5X+39wDeeb4L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
617da44a4d662221ccacd7cfcd765647_JaffaCakes118

Files

617da44a4d662221ccacd7cfcd765647_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

.text
Size: 19KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ccg
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE