6f8f48058a3d36b1f02a501bf8c0b8a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f8f48058a3d36b1f02a501bf8c0b8a3_JaffaCakes118
Size

32KB
MD5

6f8f48058a3d36b1f02a501bf8c0b8a3
SHA1

0a0da7d9988cc7b36b0676c03389b3f1763426f5
SHA256

49c27f6c2fc5ca04b29747aa1cbf90a537edc117827f8dc0412152e6306c264f
SHA512

554cd47560326ff7a926efaae72477f26e784e8b7e6fd9aeff3d18a7cd7015529b8365ade523ae9894188e187fe2e0f722ca901cd15a2b77847408a1801cb699
SSDEEP

768:TYYc/kQK2vpU+BYK62xoMiFm/G8l888888888889:TvMhlvO+RpH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f8f48058a3d36b1f02a501bf8c0b8a3_JaffaCakes118

Files

6f8f48058a3d36b1f02a501bf8c0b8a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 22KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ