69c85d732194d8bc750270f18d554a68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69c85d732194d8bc750270f18d554a68_JaffaCakes118
Size

102KB
MD5

69c85d732194d8bc750270f18d554a68
SHA1

e4b94793813b7f7c4694e200221bf86a96768062
SHA256

f152b76420898abcee4c6f45e7fce61976a283e074b68018eabe5fc68682a2f4
SHA512

e999d53b3750bdf9cb1e1b2d8c747b10fbeb02d9b84de8b341686a7a480d5770fcb3da97a1eb9718e2b7d640b55957dc36ea98fe7a4433b4decfb57bc13698ef
SSDEEP

3072:DTdPZLaUw2eS5HjuTOz6vsDPbBeCtGmrNCHYy2p:DhwUJeWafvwBeCdAHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69c85d732194d8bc750270f18d554a68_JaffaCakes118

Files

69c85d732194d8bc750270f18d554a68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 97KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

@4#822#
Size: 66B - Virtual size: 66B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE