765662ac505d80b776a7a79978c40843_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

765662ac505d80b776a7a79978c40843_JaffaCakes118
Size

1.3MB
MD5

765662ac505d80b776a7a79978c40843
SHA1

6a6d3b8268c66ec425dfe8652ade76e67b00258e
SHA256

2b5e37eb703b20d644d3c819749c4b3af4d4d526b81898d639197521dedb7732
SHA512

0a5a3b61c65362d65bf52dabe1572224aed3790ed65863baaa041ad3b3572eb0a9e57e94d469c01f1919ba865f5ec6ae159db4ed7c8dfc842af2e34959c8c2db
SSDEEP

24576:HeQwjmmPyM31kbRzQYntJjGXMvjoitlHtvuLRu6nYklvLCeT:Ojxyc1InHCcLoitlduLoIvLCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
765662ac505d80b776a7a79978c40843_JaffaCakes118

Files

765662ac505d80b776a7a79978c40843_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8111320f794d9e62a7ffe5d84bed59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc

Sections

hmimys
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE