b8f47177f70dfce48da80d48389fdbc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8f47177f70dfce48da80d48389fdbc5_JaffaCakes118
Size

60KB
MD5

b8f47177f70dfce48da80d48389fdbc5
SHA1

522607632ec722bf0f5145412e363cd2073baad8
SHA256

8e0e17a90dc9295895df7c8f9c9ca1446794025981033e254b145c1563e25c2a
SHA512

ece5852982dad5ace86209078b769bd7bdafb05ae4ceb824b0a051a3e62821048cb257dd236a2c851dce9fdc7b66bce6e8ffab07866525bb0ab7669601af6f51
SSDEEP

768:07Tbdf+nUZAEP6y+rJeVDEVoq3c4AtqpU/EPk8L0ZGn3i/XhCerv28R:4df+nUZXP7+rJQgoc1oqm/E30An3ERNB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8f47177f70dfce48da80d48389fdbc5_JaffaCakes118

Files

b8f47177f70dfce48da80d48389fdbc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fbc6ea422bb9d78788b5f21176f87261

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
VirtualProtect
LoadLibraryA
ExitProcess
EnumSystemGeoID
GetSystemTime
GetModuleHandleA
lstrlenA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ