75608660ba7eca27815be1644dcc6942_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75608660ba7eca27815be1644dcc6942_JaffaCakes118
Size

145KB
MD5

75608660ba7eca27815be1644dcc6942
SHA1

9e517c46cb1a0ed5665e0c91b971652e7ad208c6
SHA256

c89e699c3bc4771a35aca36fcd8d0007a4e3e569884b458426cd6ea7b0724f6a
SHA512

97dc5de929204a85146a380263a4f8d67c6d91d995e69e3e89b7dde915d1a2363ee33924478757a10afa0157d3dfbe1f3b15f51c88365f2616be23c558217b08
SSDEEP

3072:QRLFg66Rg/k8iKplROUonK91q4z3UWwA7xRjinzB6z:QFGRo9PoOLwA7fjinMz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75608660ba7eca27815be1644dcc6942_JaffaCakes118

Files

75608660ba7eca27815be1644dcc6942_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 137KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE