65bf38ecbe4a6809691a05290cc0aa81_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65bf38ecbe4a6809691a05290cc0aa81_JaffaCakes118
Size

282KB
MD5

65bf38ecbe4a6809691a05290cc0aa81
SHA1

c273acf9f7402a24a315d3cab13078c6f973691f
SHA256

5db11d827630629fd5b795f7fb9bb7dd45928f1d93464bac266cfe3533db2659
SHA512

1e191efd51adb013064943b2f212e924e5d680350aa1c02e39e32b293851494d9939cb7b91a40cb4be0741fea8139ffafa9f5f5911888a1d8f594ec6522517d3
SSDEEP

6144:O3636Agi1CFEcKN6bpLMGfvGNDCDovf7NQC953+lxtoxhg1iD:/vkXb1G5CAfpvn3Qrog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65bf38ecbe4a6809691a05290cc0aa81_JaffaCakes118

Files

65bf38ecbe4a6809691a05290cc0aa81_JaffaCakes118
.exe windows:0 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

Size: 182KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE