72d72f4529925f878ca27ac4464e8fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72d72f4529925f878ca27ac4464e8fdf_JaffaCakes118
Size

319KB
MD5

72d72f4529925f878ca27ac4464e8fdf
SHA1

11e560046ecfc7dac0f791214c5cfccf6e24a878
SHA256

70b2894ebb0d698635415ef6e5b4fc5f1fdde41f72bbf0356b7cde98b923faa7
SHA512

e58c8de31b5dc681008b22d20d80466c49b07b6eec3971f06c70687599e381abadb349a76e80c5408e2e362786439156aa3107ca717d93d1fe3a8a8bff67442c
SSDEEP

6144:ddqQVkTIOcFErTnMHZvqAc3P3iKjAbP37Bv4dH6ZJSfBEgws:ddzkzcurQHZvqAc3P3iXDl4dgJOBEts

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72d72f4529925f878ca27ac4464e8fdf_JaffaCakes118

Files

72d72f4529925f878ca27ac4464e8fdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.XComp0
Size: 192KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XComp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE