6727f710ba91d13891fe350942e6a21a_JaffaCakes118 | Triage

Sharing

General

Target

6727f710ba91d13891fe350942e6a21a_JaffaCakes118
Size

1.3MB
MD5

6727f710ba91d13891fe350942e6a21a
SHA1

5c40b327db56b93d33bdab9a84bf3f00bcfd3115
SHA256

9ca27d87b2a495d155c6c91ad97405e83597777a6fca87b5a41a09e476789cbe
SHA512

db3cdbc39e95754e7da7d124a2b491f370615ec4d95c6f341111ece772aadcc275e3007a3bbfb43a4acf7200f724d6cec47c3ee8e8695de1a8f97ade2300124c
SSDEEP

24576:EZPntEPQGPp8fTPY/rIBqCPrAw1qbcjhrEipq/kkikkkkkkkqkkkkXs7F7:WtiQoO6MRP8w1qbYEipq/kkikkkkkkke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6727f710ba91d13891fe350942e6a21a_JaffaCakes118

Files

6727f710ba91d13891fe350942e6a21a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 353KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorg
Size: 909KB - Virtual size: 932KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE