a6f9ac58e558e46b579fc6260912610d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6f9ac58e558e46b579fc6260912610d_JaffaCakes118
Size

37KB
MD5

a6f9ac58e558e46b579fc6260912610d
SHA1

f5391ccb9ebc0935b3b57f818bcf312ccb506405
SHA256

eb57eed40b6f39380a99b9f89672e71449bc63eaf254cf68bbe6e767beefc88e
SHA512

0f807169789f73d00eef55c55b6f0d549b671649ae7af1e037182a85ff0a1ce50ca5244cd0f55bda02154b23653c71f64427011a911731d909e9836e760b7b18
SSDEEP

768:iYPLZo/aTdk3wVZ1IBN0KetSm74qQYD0GtE61JXS9tfL:xL5Td4iQByNtSo4qQY4GtECtMNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6f9ac58e558e46b579fc6260912610d_JaffaCakes118

Files

a6f9ac58e558e46b579fc6260912610d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebec7a5534c9a1ad4d5947c352bffa28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualProtect
LoadLibraryA
TlsGetValue
GetProcAddress
SetEvent
ResetEvent

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ