610dd63845be881d9446cff5d1e62638_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

610dd63845be881d9446cff5d1e62638_JaffaCakes118
Size

17KB
MD5

610dd63845be881d9446cff5d1e62638
SHA1

6d588280ca6def081362737eab93a872e8f1e47a
SHA256

40664d9d65bfdcf5b03f8e44b1d3a806b268661df1db824402c697c0f0eb6c24
SHA512

b0172fa5f130eb285423308f983f49c22660be1c42cc946e16763e405acac810c58e57a48d41d686c93e4202609e9a36f75670d34e451c63c87ff56859c4e6ea
SSDEEP

384:1UEG7DJ5VNm0hbaYYHmbfu0kjR3/ZL53Fw3DRZqhE:1HYbm0BFlbSx5C3Dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610dd63845be881d9446cff5d1e62638_JaffaCakes118

Files

610dd63845be881d9446cff5d1e62638_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f44246a05f8e34732dcb3bf5c64407da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
GetWindowTextLengthA

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec3
Size: 560B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ