a2237958d2182b8a024278d38f0fe642_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2237958d2182b8a024278d38f0fe642_JaffaCakes118
Size

116KB
MD5

a2237958d2182b8a024278d38f0fe642
SHA1

6d6a2910fe4a73a0b0d0a8432bb62cc3875a0ffc
SHA256

ca3ed398812a66eb112e9acb8872a7228051a04b5f8e2580cec62edafcd7e929
SHA512

37d5aa86fd220f321156b5e9841b5f717656a889724d0f52b35a513f91a5d61949d12a0eeee7cc56d7409004df9a0b5f6765888334c6c8f23af84d030f312786
SSDEEP

3072:EhgXbeZ1Wc6BbIWVrZLd15Fkpx7xMU+SRTrDZldtLYkq9C:E2QWckHNZLd15Fuxl+StDZtYkOC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2237958d2182b8a024278d38f0fe642_JaffaCakes118

Files

a2237958d2182b8a024278d38f0fe642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8880525430e7f475d56ebd4f0a63c21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLastError
GetCurrentProcess
VirtualFree
Sleep
ExitProcess

user32

CharNextA

Sections

.text
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Furfh. T
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ofcawnyx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Hbwtwn C
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ