b548aac83a15d3ce78d03bb4a5e179b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b548aac83a15d3ce78d03bb4a5e179b0_JaffaCakes118
Size

116KB
MD5

b548aac83a15d3ce78d03bb4a5e179b0
SHA1

7aac9e13f48610f7606b30bccf6c4fc7c8c10d10
SHA256

5963865a6cd8bd7191a50ba9564204451a73cee16f9f8b71c2885a4618022795
SHA512

24dbb26921371a0a9f89116fec72531b74b706964bc3f08531a93507e5ad56ee7d36b9b7b77fbc08da3bf5cbd887912dece46d8fa3a9b6ded9248604ddcba2db
SSDEEP

1536:NcLJeTMn/Ly5iO7LtF/xDt7+KagcfqRQsWnRdl2TcZpdjm40J9XJyrlSCHSSP:6J26/L+i2xF/T7+4cpZbN0J9JMlSCL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b548aac83a15d3ce78d03bb4a5e179b0_JaffaCakes118

Files

b548aac83a15d3ce78d03bb4a5e179b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3de8373ebe09272a36eae8bd366c4811

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetOEMCP
VirtualFree
GetModuleHandleA
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Dois Ycj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Dlturegr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Lmyknpvr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ