9475e0b992536624ed8027b75b2c9250_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9475e0b992536624ed8027b75b2c9250_JaffaCakes118
Size

90KB
MD5

9475e0b992536624ed8027b75b2c9250
SHA1

ccbee0fb27ae6a8256e99641145bd13937a66976
SHA256

79d679c4b2aa8e42ff8cf13ff9eb6c4c8e6eb44c905a5f07439c296793d4d298
SHA512

028bb8d0904cfef6868d6ca801eb8c14a313696a8028cfa65aa4220ea55fbe5d47e79cc7ddbe78270c801c78e1a417abbbb3bb532afa33b143c33f4bf5926348
SSDEEP

1536:R/grtqphbYeBMgmpabYpOAIuQwTMdn/ZdvF/ex6nBI:R/gAhjE5LIbw0xex6nB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9475e0b992536624ed8027b75b2c9250_JaffaCakes118

Files

9475e0b992536624ed8027b75b2c9250_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28a105013b778a397906b8120bf02776

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

pdb.pdb

Imports

kernel32

GetProcessHeap
HeapFree
HeapCompact
HeapAlloc

msvcrt

memset

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ