a59dc2bf9907f75055e2c635348784f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a59dc2bf9907f75055e2c635348784f6_JaffaCakes118
Size

71KB
MD5

a59dc2bf9907f75055e2c635348784f6
SHA1

38dfd699e25930083ab3bf56b12303e4a5463b33
SHA256

0ab30301471f870287acc120ad9bd2bb46fa93bfd8f0d3e0c0dc9fb25f989ef1
SHA512

1eed1b85a48e74be38034c5328229eee69cfe1801d8944a734017ca7979733c6ec79aabff6b73468ea8dc05342f4bd6c54e258df6d468bd8f0c1495f63913a4d
SSDEEP

1536:w+QlCUhpDzufNOdxdyEUINhkkrH2oQL9UjkwGTfGxnA:w3CUhY0x1T2LnTfGxnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a59dc2bf9907f75055e2c635348784f6_JaffaCakes118

Files

a59dc2bf9907f75055e2c635348784f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 63KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A
Size: 4B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A
Size: 4B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE