be3b9540cf68d05d5acdb4f5c196d98b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be3b9540cf68d05d5acdb4f5c196d98b_JaffaCakes118
Size

27KB
MD5

be3b9540cf68d05d5acdb4f5c196d98b
SHA1

cc8bc25ecdf15d21793228f07532cb88e6435931
SHA256

cd1077cb949112eaee4eb4fc32a030eb319f13d8e4199a8f01909a64c9dbcf4b
SHA512

2d29bd6493e781d7e6a4d1a75ef57f5c3e995c48d59c2b6000400924ac89d3a2a94edb750e269ec363265c05158a7ece2c5468648fc4a32e820ae9dc91fa1b5d
SSDEEP

768:ySt9upCg/YgTDygBBoGfnkqGTZP0P7MPTz:UKcoGfkB0zq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be3b9540cf68d05d5acdb4f5c196d98b_JaffaCakes118

Files

be3b9540cf68d05d5acdb4f5c196d98b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 25KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE