7079dcd2fb687f9667e3a397cda4f4e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7079dcd2fb687f9667e3a397cda4f4e9_JaffaCakes118
Size

413KB
MD5

7079dcd2fb687f9667e3a397cda4f4e9
SHA1

d236d01f7c54a76714dfdc083a7adcc209f86244
SHA256

ced132bdec9e06952a7ed733501b1eb0465ea68894513f017a433e2c9a11b1b9
SHA512

d5d96e73f2bdaac1347b2b6dcdd3cf7ffdf6eb6f35f75217c57cb8282867f8b409cbd5a9ec15c9003e4bc87e984a50761f6e50718179d0ccd59bd8c3da59379c
SSDEEP

6144:2U+KlakqbGgIaZcq3R/H1B2dKl2lwmHgz4J7TLscfwSjnlyPFQOFMopAp/U4l:2U+KlWb/ZZcqh/V2bLrwSydQOFTpUs4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7079dcd2fb687f9667e3a397cda4f4e9_JaffaCakes118

Files

7079dcd2fb687f9667e3a397cda4f4e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 406KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PKLITE
Size: 26B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kryptor
Size: 28B - Virtual size: 28B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ