b5de6749a245a3a62feee349143619af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5de6749a245a3a62feee349143619af_JaffaCakes118
Size

399KB
MD5

b5de6749a245a3a62feee349143619af
SHA1

a559015bae3ba460e7cb363013c4599dc9377802
SHA256

c6e7aeb5bc82bf468b0e9eede7c56571f2f8a42b42b6d2a9c6fbbb14b00fe899
SHA512

ed08bed78f3956c7661054e193b8234729b5faeffcda506c9ae83eca3bb03ef56b959277f84cf869ec66bbd4a0f44e6e0dde6037bc8a3329c03a0647e3448207
SSDEEP

12288:dxRQR+TNnT2jBOf0gPxux2H6kJ7wYYC99t0:dDQRq12UpIypZwYYCF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5de6749a245a3a62feee349143619af_JaffaCakes118

Files

b5de6749a245a3a62feee349143619af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37c0608f24ea4f5b69005df26d5dd626

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress

Sections

CODE
Size: 308KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bedrock
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE