ae875123e2325a54249974eaf425697a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae875123e2325a54249974eaf425697a_JaffaCakes118
Size

1.3MB
MD5

ae875123e2325a54249974eaf425697a
SHA1

411329f5eee7b35494e05d23919122671251343b
SHA256

8a0d55265395aa8d947d012de267c808e9432d0c218e35210d735f2dd49bae86
SHA512

3ab7334109333f0daefbb9e5ea7f41e6e331f9f216a3b81b7e494d141aa06ca9d53e755a0335591f891744fa9bca1f229c0a6be807f9367c06ab2559c20dde9e
SSDEEP

24576:6/dHaNKS6VO6hZORcl2L7+2P18nEEKtfjlyXIanY2TP7ypAORpwfgQhPY/4B/C0v:6lHaNKS6VfbOCC+2P1oEEKVxQA2T7gA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae875123e2325a54249974eaf425697a_JaffaCakes118

Files

ae875123e2325a54249974eaf425697a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b742f4e4fa33ad8e47942816156ee1fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
TlsGetValue
ResetEvent
LoadLibraryA
VirtualProtect
GetProcAddress
ExitProcess

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ