adca27677dfd432e38c96b7ef792170e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adca27677dfd432e38c96b7ef792170e_JaffaCakes118
Size

116KB
MD5

adca27677dfd432e38c96b7ef792170e
SHA1

2556cb48c7aee4f365123c6fcf39195be2bfa5b6
SHA256

917db61746a7aa71540319365e8a74f8cf5fc2523d534fe520bda96e3a17ecd3
SHA512

0e39a170cd45fce6941dad29908e192caba5c6cbc9fe7e8556ad0a4baa1afc119f5cad048850bae9e5176cc672bb605c5614e08e220e3b186bcad2b7a4d7c4b3
SSDEEP

3072:XMXnox9BFsh0KSpHGgm4VnhJexTctqojhcAmI:tLmgm43CAqo1cA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adca27677dfd432e38c96b7ef792170e_JaffaCakes118

Files

adca27677dfd432e38c96b7ef792170e_JaffaCakes118
.exe windows:7 windows x86 arch:x86

63a515745d03597fcef5f848ad6dbfc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessId
CloseHandle
ExitProcess
GetCurrentProcessId
CreateEventA
LoadLibraryExA

Sections

.text
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ