6a0288329c0acf8b7cfb2924ca103e01_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a0288329c0acf8b7cfb2924ca103e01_JaffaCakes118
Size

14KB
MD5

6a0288329c0acf8b7cfb2924ca103e01
SHA1

20c335b210a60a02cbdd1d7fef1fee79e54bca05
SHA256

517219af37f14423e1ce19ba52e640f4b6475daa9f9cbab9ee1e1f7a8a285b3f
SHA512

b698c970cb58ad09b33b1439780a7a43fa6dfcae94e4e85045472903c838d6ec2968674c74ae51a0a3c7a18c0b53e8cffe6d4fa237e75f8f8addb41b9618f04d
SSDEEP

192:Knq4zqD9YjtY8gU3xneFI5ue25fh7KvtFVKsK+lkcxJNWCbWLLWt:KFzqD9YRL5eFI5ueOxK1zKZ5SWLit

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a0288329c0acf8b7cfb2924ca103e01_JaffaCakes118

Files

6a0288329c0acf8b7cfb2924ca103e01_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.XComp0
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XComp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE