a18a8b89dcd246ba0a47db9886cbdafb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a18a8b89dcd246ba0a47db9886cbdafb_JaffaCakes118
Size

3.7MB
MD5

a18a8b89dcd246ba0a47db9886cbdafb
SHA1

50f7914ee98ef808bfd5af4733f5aee552efa056
SHA256

99050404482d321c7fb24110868b8c1d2cbc4d107e21363f05147636cd55675e
SHA512

556797b9a48c67ba4c45eca27c89825d5272dee8914db8fb755b3dfcfd29f99863a5e3b03e4cf14b1487990157febedebd23a5c07d283d4d8f00bfa41bdddaaf
SSDEEP

98304:p1u5+LIR70l/DabgThrUqGaW0hGs6LqVomT:Tx8R7eba8hUzbGGcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a18a8b89dcd246ba0a47db9886cbdafb_JaffaCakes118

Files

a18a8b89dcd246ba0a47db9886cbdafb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

lkn0
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lkn1
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lkn2
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE