705254121e9a5243826fb33e40e1308e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

705254121e9a5243826fb33e40e1308e_JaffaCakes118
Size

785KB
MD5

705254121e9a5243826fb33e40e1308e
SHA1

9e4528f3f1d2d4c287faf620869f65a101a8c36d
SHA256

0fd514e98eb5d880685313f8d14537365cf5571d95336413030a1bc1d9179021
SHA512

0f99e43c3bf549cab6696a7eeeaa17f6bf10d415d384704fa212ff98d1650ac925fc3c03839afaa33c0be08895ff69d97433818d9f667ffec221a7976625f754
SSDEEP

24576:3Qj22hMD+bXDfrsVKxeDdFdZEcQf59ayOzJ2yG:gS2C+bXDzsVESVZwSzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
705254121e9a5243826fb33e40e1308e_JaffaCakes118

Files

705254121e9a5243826fb33e40e1308e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a53f732e1bbd70e2b3217e8d53ce6afb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

Sections

pec1
Size: 6KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE