Static task: static1
Behavioral task: behavioral1
Sample: 8413d1a877a7cbab0d0675aa7bbe6163_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 8413d1a877a7cbab0d0675aa7bbe6163_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8413d1a877a7cbab0d0675aa7bbe6163_JaffaCakes118
Size: 172KB
MD5: 8413d1a877a7cbab0d0675aa7bbe6163
SHA1: fa05e46a88603342f08482752b216714c4666582
SHA256: 7682ba9a735078df7a9bb4ac6332c5be75c0d5228f47649def1191efd12afae0
SHA512: bfe346a22058e69190456ba176a5f5281a4632d95c8330679e29856b3a81d150709330dbd457b741385558eaa72ad2afbf2722507754cfb848a99f9abd19b231
SSDEEP: 3072:hkEHNOncWT8w7SPB19T0XfIn3tLLdrw2Dzc+RsqhwKbQDE4wQaRdE5:3gc87qBDT0XKxhI+R1T0rEdE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8413d1a877a7cbab0d0675aa7bbe6163_JaffaCakes118
Files
8413d1a877a7cbab0d0675aa7bbe6163_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
qeF$k-Cy Size: - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SG:3vJ[W Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
+BAcsPy> Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
L6G uZ/K Size: - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
6o7abET\ Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE