d13c06148338e06153bce5d3cd3fbfd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d13c06148338e06153bce5d3cd3fbfd7_JaffaCakes118
Size

34KB
MD5

d13c06148338e06153bce5d3cd3fbfd7
SHA1

fa89705a38969fe3cc22193dee99fc8ee8ee3eee
SHA256

38b1ffe5b7bc20e6444ef5c2b45f2bf1b78383b39c59797347068cea287e2ab5
SHA512

b265e2bed4b601de7a13d1f0e23734d1d12919f12f17b5028fe09c5b646b7b9243bebd735e55c6656aa5f667bd25529f907a89d0d35182085b0906548defa549
SSDEEP

768:UXZAPK1u9D4RPOWS8npG5kJU0nFqKYmzV/5IKHV5vkvLmWolQ:UOPd98R2WS8npI0/krOV/yervkqv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13c06148338e06153bce5d3cd3fbfd7_JaffaCakes118

Files

d13c06148338e06153bce5d3cd3fbfd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f3c5da38e687ed8e68cd2b55dbd54f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 351B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE