69fc4f8e2738bcbb828aed3ade6c2999_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69fc4f8e2738bcbb828aed3ade6c2999_JaffaCakes118
Size

82KB
MD5

69fc4f8e2738bcbb828aed3ade6c2999
SHA1

4d3ee0ce7f009d3cbba4d950dab51a1414e01be1
SHA256

e91427336ca40a042a3102450ab9520514dd3efde785374ce326636045f91cb7
SHA512

ed65ea5168228c87315ba3ed9710a6592231291eaa8bd5655ae4397f27dad75082aa5288052db87c0e2a6dd1e47f001bd5cce774a680bf200f1b55afad306edc
SSDEEP

1536:GczSrvzgszVLB9E2l+lavvcJ2We4ClcllalAMSp6c56NEkBfWkH:GczugsJ/9l+lMUYd4ZglAMpc5AJ0k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69fc4f8e2738bcbb828aed3ade6c2999_JaffaCakes118

Files

69fc4f8e2738bcbb828aed3ade6c2999_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e2f37efa746bd38eec2c25f0c1dfad4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
GetProcAddress

Exports

Exports

jaud
polut

Sections

.code
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 303B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ