8344bd8ff73eacb20ce68ceb8ebce223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8344bd8ff73eacb20ce68ceb8ebce223_JaffaCakes118
Size

730KB
MD5

8344bd8ff73eacb20ce68ceb8ebce223
SHA1

8060cbe095120642ffc6e76259fc4044e4ce8712
SHA256

7c8d9280c1ea4079b9187a0c667c10e98a0fd90b2652d2a27dc559d15c8b68c8
SHA512

6b8db37cc3f9cbc7b0c524f0b15d6f7b8f85e20c7cc127943bdb30ed06d565fc5ce9f63fec7aaf042b6046ca07e29706ad4fed4986cfffac1a4222375e894636
SSDEEP

12288:gpkAqV4QgfZ7MAklki+qko6Db5I6KMcyPzl34dt7riKOTUzHBfmOx3IKhsqEqd:g9zZ3q5+w6DbNnPd4rriKkUteOx3IKht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8344bd8ff73eacb20ce68ceb8ebce223_JaffaCakes118

Files

8344bd8ff73eacb20ce68ceb8ebce223_JaffaCakes118
.exe windows:4 windows x86 arch:x86

644c625dbe727aed8203259448f73750

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

EVENT_SINK_GetIDsOfNames

Sections

pec1
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 717KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE