866b76972b3ca337ce42daa34c052218_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

866b76972b3ca337ce42daa34c052218_JaffaCakes118
Size

20KB
MD5

866b76972b3ca337ce42daa34c052218
SHA1

2b865c7ca118bcd7ef869169449ae5892d3939ee
SHA256

a4180c8bd2bdc934957b6d9feaf9c90f7b34286558802558b2a79e83fd6762ea
SHA512

832e9426b54250dee79a3d5a414057fbcee694531e040d5ca297e957d7345226db83bcbda79ad0e6fffbc0bad113f20e269ef98bab72f362e56fd9707da7acd7
SSDEEP

384:tIYfYjvGRy19Ds2xMp2KMmhKntKr2e6cxJqU5WzkfqaZeV:hQjvJDs222KPCKrVOMbZeV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
866b76972b3ca337ce42daa34c052218_JaffaCakes118

Files

866b76972b3ca337ce42daa34c052218_JaffaCakes118
.exe windows:4 windows x86 arch:x86

866a68e06eca6e641648628d2ad17f23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetProcAddress
GetThreadContext
HeapAlloc
HeapCreate
HeapDestroy
ResumeThread
SetThreadContext
SuspendThread
VirtualAlloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ