bab5ca65c218b7277e7b087e2ab1c071_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bab5ca65c218b7277e7b087e2ab1c071_JaffaCakes118
Size

218KB
MD5

bab5ca65c218b7277e7b087e2ab1c071
SHA1

f5f08a332ea4073e603c8cc0c6e5628a032be976
SHA256

38a8d2323fc42c2b904d01eca7b71caeba26405eb523e2a1fae8538a4bdf03f9
SHA512

73034c25909d8a0f7a44558af5ad571fae87fb1121a30c2fa1f958e3ef0e43a69e73a98a22d35e09d0fb1ef0beaddd402ec349b8bc833ec7378ceec98b5e41b1
SSDEEP

3072:jgYwsW+npClqDlbw85UKsFHrGpW5UKsFHrraJrVSRLvbFB:jgYwsW+npClqDX5UKsFHL5UKsFH+Cj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bab5ca65c218b7277e7b087e2ab1c071_JaffaCakes118

Files

bab5ca65c218b7277e7b087e2ab1c071_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bd6a1cccc0acf0bc50f0359268b4fc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

_CIcos

Sections

pec1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc}
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE