d12d9d8402f73aae7577d52a2ebf582b_JaffaCakes118 | Triage

Sharing

General

Target

d12d9d8402f73aae7577d52a2ebf582b_JaffaCakes118
Size

17KB
MD5

d12d9d8402f73aae7577d52a2ebf582b
SHA1

1ea7cde66fcfa2cb341dbdf01b95c010b0078305
SHA256

a0d2dbbded7a12586d8a45a1627db975045cc5b46f3e6dd2e617e71c2254ae72
SHA512

bb5b2c72f4be32ac8e9461a4a3163cb0c0dbb4fa56eb2934032c774d6633b7286e10602ee65a5ef2fee375e68dfae1b97b563d17d440def4abe46e10b6f71687
SSDEEP

384:rcmgunmEp7flFHHHivC59sncz56ZnYz/EdU+30aDmrB/HHHM6nHHHH2:wmg2m27flFHHHivC4c96QEX0aD6B/HH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d12d9d8402f73aae7577d52a2ebf582b_JaffaCakes118

Files

d12d9d8402f73aae7577d52a2ebf582b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e0796e65048ea7d46200c49ef04ae2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc

user32

GetForegroundWindow
LoadImageW
wvsprintfA

Sections

.text
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ