d0e9ebf72b53431c0d337d5ddf3857e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0e9ebf72b53431c0d337d5ddf3857e6_JaffaCakes118
Size

30KB
MD5

d0e9ebf72b53431c0d337d5ddf3857e6
SHA1

69959063ade208932bb1da1f35c8784ace142208
SHA256

4cf02f9d823b4c36559d36170d6bd5a82a6b1403be849478ac4258b30ce9f7e1
SHA512

c5764d70b30e988ab8bc2b99ca4826487f5afe56517c92b7a0d80e94740bfb549764868427457f72024d30685f92496958393cd865f143ba6db8bcf7dd0c36f3
SSDEEP

768:mM6t7+qyhP1AUxRY1cgRUaQRu/aniwKMluP9:96kLA1cDRhiwKMQ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e9ebf72b53431c0d337d5ddf3857e6_JaffaCakes118

Files

d0e9ebf72b53431c0d337d5ddf3857e6_JaffaCakes118
.exe windows:1 windows x86 arch:x86

68675c8b50c5ad2ebdcafc2660a2c3cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
IsBadCodePtr
GetCurrentThread
LocalHandle

Sections

.text
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 126B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 28KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE