a493b95280f3eece3202fbcea95ecad7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a493b95280f3eece3202fbcea95ecad7_JaffaCakes118
Size

382KB
MD5

a493b95280f3eece3202fbcea95ecad7
SHA1

4cdf23c34500083a213cb08f201104f072f381e7
SHA256

28ff98e745c2fec571299df348de7fccf9341bee3112ef6952463eca493dd392
SHA512

2099eb6b827d7fb28d8638e899182f16ce4c10216b69b7ee73a0d1c39e11c46431a54203743527e56c2a62d62a3d81958e6396d5e13a93f96896361dc069ec13
SSDEEP

6144:5YKMBq2eiWB6fOl/T9w2fxjo/qRu+ZeX12AjZ0thpZTs36fIUdQEluSqImraf:/yq2eP0fOxJw2fcKu++10TpZ06wVSqxW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a493b95280f3eece3202fbcea95ecad7_JaffaCakes118

Files

a493b95280f3eece3202fbcea95ecad7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 379KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mumaba
Size: 28B - Virtual size: 28B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ