7472011ca29f18658f02986010961083_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7472011ca29f18658f02986010961083_JaffaCakes118
Size

23KB
MD5

7472011ca29f18658f02986010961083
SHA1

73f1a8c6838373766ac9658bdc87171ca37c864d
SHA256

b7552b7fef40f3049a3474daa0eee34a0c037641811d12985c351fb8bc77ae23
SHA512

be32ad407e6886330ea2c10796de948a9aca386f99c782a7e2e925046232ae79b49ddba2d1dc8cec122b976a206c9ae9a4fb673b3ebd852ca5d343cdfbcc0dee
SSDEEP

384:HtfJab/LhPrxHp3YOK75vTeEst9iOOtbeDC0BXNGWHCyVr8j8Ef/0o8hLteti:HtfJY/LRrlEFzsc5efpNGWi4rI8E30x7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7472011ca29f18658f02986010961083_JaffaCakes118

Files

7472011ca29f18658f02986010961083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fe964f82fd57f5fe5af99187f72146e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
LoadLibraryA
FreeLibrary
GetProcAddress
GetModuleHandleA
GetLastError
SetLastError
CloseHandle
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE