67e72b246fa68902935978681fa72358_JaffaCakes118 | Triage

Sharing

General

Target

67e72b246fa68902935978681fa72358_JaffaCakes118
Size

18KB
MD5

67e72b246fa68902935978681fa72358
SHA1

0729701822bf400660038f06b0c3ab6da58c1351
SHA256

1b733994882c9dfd6a56567db8baf2b6a4799dcfa48cb03ee87f72c0ac9d1e0f
SHA512

4a0cd976bf9d047f5f3ca2b8e6253a53e95dbe5f481b11661a2e6f75c64fbe3b3c830fab3fc153d0e1b098ad3c14300fcc2e9d4fa06b90607ab6f78db62f4440
SSDEEP

384:So3bqfV9APDVizbW2n9KzikSseKiWrt3yV4typa:S8bqfAVizK29OJSsI0Oa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67e72b246fa68902935978681fa72358_JaffaCakes118

Files

67e72b246fa68902935978681fa72358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34e3ad2f35e91ce6cd17105f70198ea8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GlobalAlloc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE