83855f287cca069df4117c9506cf6608_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83855f287cca069df4117c9506cf6608_JaffaCakes118
Size

48KB
MD5

83855f287cca069df4117c9506cf6608
SHA1

4e6b41261ba2367a0414cca95c50f434a83990e5
SHA256

aff6d108e43ec904afba2f141f33f29c5270f08b52968b57c6e8b9c712176787
SHA512

0ac9debf2ad8db0471008bcf970a40fc957b0495db1224c43b23fcb6e6768e7d2b73757479077e729a0a22c482114f448a06af55f6a72e1e4e7046c284b21596
SSDEEP

1536:4oCWtjDVFqus90GQLQkBMwcIuD3HRvc/zNA5t9I04:zx0e63HRvc/zh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83855f287cca069df4117c9506cf6608_JaffaCakes118

Files

83855f287cca069df4117c9506cf6608_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE