c8dccded0fc945a558f762dc23335750_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8dccded0fc945a558f762dc23335750_JaffaCakes118
Size

305KB
MD5

c8dccded0fc945a558f762dc23335750
SHA1

c8d800bf06e6d3e9632b91c2209c3887f6a79bb1
SHA256

06abdd1bad836fe48ef8c84909ca61fc466697eb428a176dd77aaf367a8fd712
SHA512

fe139a4f688a437bbf72371ceb0840bf6488434f7ee666dc12654268bc40255766e17a27ec6e9e1d208f1745ee85237dbf864dcdc61e2f1b487ff800beb21819
SSDEEP

6144:ZJINgO2ZMjvv7JYcVkm8NIsd3xB/EdgS4Xeoj4ON2ZMdvI4:/e/2iGl5/MdgTe24ZMW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8dccded0fc945a558f762dc23335750_JaffaCakes118

Files

c8dccded0fc945a558f762dc23335750_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.naked1
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.naked2
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ