d0c744d9fbca85686b944396fb1bed51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0c744d9fbca85686b944396fb1bed51_JaffaCakes118
Size

115KB
MD5

d0c744d9fbca85686b944396fb1bed51
SHA1

239548d4c286b8b80e309926d4c7dc0b66ce6a7d
SHA256

95806f871b56f682fd7b3ba0d4a2ee111d3584db7266dfa0f520a8f07eb73a66
SHA512

dc9415f749d15e6df5413362760687bd56fca1354d358f71759a00638e652e346d6e62602a0a2cdc575fd6ddd7e54685dbd7747d80f2c699983d8a89172712a8
SSDEEP

1536:759jBXnLit0kNKcmhPmvGn3eMzoWVcmExDa5aDR7Z9PdLrJRHeX:vjdnW3NKTPms3NTVcmYDawtVts

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0c744d9fbca85686b944396fb1bed51_JaffaCakes118

Files

d0c744d9fbca85686b944396fb1bed51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d1d11c068dc7fe9d86d6330755b479e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCurrentProcess
VirtualFree
Sleep
ExitProcess

user32

CharNextA

Sections

.text
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ