d060bde6f89d5781fd491e31183bacd0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d060bde6f89d5781fd491e31183bacd0_JaffaCakes118
Size

42KB
MD5

d060bde6f89d5781fd491e31183bacd0
SHA1

65841d8770b8e063736252d6789d16522fe6457e
SHA256

968a85371d1623bb22a0242f1466988b9908f2c82d2767faecd4d0460ceaaf45
SHA512

d63ada02f39a7fbedbad4fd630a2ff5bd0c0b977a4a3928e7b539b2e9ad8b38baa9d0186780511ea42dccca309612d46e13e36496a29a6686d25d87bc780d18e
SSDEEP

768:nzZUx4GU2/1lFpPjEDclHruwODdBHm5NgNtmOkLDaJ2hZ6f3OIVSM++E:dUxUwPX7/xOK56fm3iJkwf3O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d060bde6f89d5781fd491e31183bacd0_JaffaCakes118

Files

d060bde6f89d5781fd491e31183bacd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9f2cc673e99f556444ad901886c064a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
LoadLibraryA
Sleep

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ