bd65ca34fdb588a20bbbeab93c985a0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd65ca34fdb588a20bbbeab93c985a0e_JaffaCakes118
Size

66KB
MD5

bd65ca34fdb588a20bbbeab93c985a0e
SHA1

92565c2f2e8caaa6bf042903b34c68f55fd91f40
SHA256

c0ff9ee8d3b017cf830f7fef5f9c3ed31fd074ec883266774c5aea9582984915
SHA512

df019c428a50036b312507fbc71b1efd97b865cfd71c2cf4034610ef5d125ac55fc0bc248248494951a0471647a55f0e482437857a1cd7ce7921b4cfb2e401ca
SSDEEP

1536:cwIDLvKOZv0meaahv9v3owD9rYDUHTwJU6kIa8:7IDrzp0Xp9v33Du4HCU6VV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd65ca34fdb588a20bbbeab93c985a0e_JaffaCakes118

Files

bd65ca34fdb588a20bbbeab93c985a0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75be18227966271bff580784e7a203f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetTickCount
GetProcAddress
VirtualAlloc
LoadLibraryA
GetCurrentProcess

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE