894432a3e31a4179ff6127102d3f0f59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

894432a3e31a4179ff6127102d3f0f59_JaffaCakes118
Size

224KB
MD5

894432a3e31a4179ff6127102d3f0f59
SHA1

e81bc192d76cbd25b52aa18e080b79dfb7cc7985
SHA256

4635a7ab4aa07b289e52903d634684c7df6b268775b261dadd7d81c44e7368e5
SHA512

14bf2cb2b514d803fe8f0b25e73d6a5bb115ccaccdcd22fa070f0876dbb17d6351b6b4367cdaebf3c5ffed7db38b95d6fcda48dae576481ab15bfb1bb4612ff5
SSDEEP

6144:bVDw2XDUtI6h0hGARrVlbcu9YizPlNyJhykbRivByey:bFVAtu/rvTYwl+eyx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
894432a3e31a4179ff6127102d3f0f59_JaffaCakes118

Files

894432a3e31a4179ff6127102d3f0f59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

Size: 136KB - Virtual size: 972KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE