73ad582d8b9395818b8c7ef8532caf85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73ad582d8b9395818b8c7ef8532caf85_JaffaCakes118
Size

408KB
MD5

73ad582d8b9395818b8c7ef8532caf85
SHA1

29f038915dfb7b27e3eae75b2c660a541f48044f
SHA256

722a7fd5ed493d28f7608bd586ec287b221895a4efb244ba29def17435aec797
SHA512

f333e385cc26ca56dfc2259d0436d349c800303421b41a14e24eb6ed05c0c165ccfd31f716f14720c8a5aa642475642d5f56c4b141226c42bbf94a61accf59e8
SSDEEP

6144:JOL9LzfWBvLZp7i2PjBmchi8nvVXbodsQoMWJOOWSez7xXwu7nyE4JxX8TBFh2Xm:JORLzfgZp7TBb9XcPO6z3y9n8TZjzj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73ad582d8b9395818b8c7ef8532caf85_JaffaCakes118

Files

73ad582d8b9395818b8c7ef8532caf85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

054001c2eaad37846ff50ebce99b02f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

advapi32

OpenServiceA

user32

CharNextA

oleaut32

SysFreeString

Sections

.text
Size: 402KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

linghun
Size: 62B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE