ac6a1744265921fb7f33760ae21bd815_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac6a1744265921fb7f33760ae21bd815_JaffaCakes118
Size

333KB
MD5

ac6a1744265921fb7f33760ae21bd815
SHA1

d62bb1546bc4e36a0934e9db535aae6bd47cbfae
SHA256

eb0722da7bb9bad1f643369b8abede9578dbfa51f1f134dbe0799763ee70375e
SHA512

83c24d379cc6a9eb3c9832c405a45d0cd0656fdf9e923d24bfe36ff08ef590326e6a3adb5fafcfe28ef96dddc32a4dde4bb1a88c44ce3052a3000fe6a56eb043
SSDEEP

6144:y5SRq89X33ikpXLPUvUXRSFqxgLK9M2Xv6JJfdnd3AAuycYJ20In/RB6qs61k6Sc:yB+ykNzU+I2SRJVnd3JFcW20I/uqs0k6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac6a1744265921fb7f33760ae21bd815_JaffaCakes118

Files

ac6a1744265921fb7f33760ae21bd815_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 676KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ