a6b212fb09b8fd9046bc4782a6ed27c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6b212fb09b8fd9046bc4782a6ed27c3_JaffaCakes118
Size

508KB
MD5

a6b212fb09b8fd9046bc4782a6ed27c3
SHA1

4aea3e0fb3a58931ffafcb64e84948ec1149e668
SHA256

a9004fa35caf7fe111347bc94a031f736bd6f2385b122bd4c1c314dd5d7d067f
SHA512

4342dde2f7ab6a18a78dac304dd6bca954f6d7a12d8663ce48c3e6ebb8b62d970688b1e918716df722f17f5466ab8841968951bf599aa6fbe8632c7b919b557b
SSDEEP

6144:7Uey7JIYqUzlLLk8yTtlkR6vceueGLDitw8XBKrmhVHV2M34WxMzuyc0bB34FgGU:c1qe/F2tl267outarIX2rQ0lCI2aQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6b212fb09b8fd9046bc4782a6ed27c3_JaffaCakes118

Files

a6b212fb09b8fd9046bc4782a6ed27c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

371911b227edbe7096336cc847f8ecad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateFileMappingA
lstrlenA

shell32

ShellExecuteA

Sections

.Kaos2
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 499KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

New4
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KK
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Fi7ke
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE