d17e8f1b5b7a0b9d1bfffa0bca80d973_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d17e8f1b5b7a0b9d1bfffa0bca80d973_JaffaCakes118
Size

20KB
MD5

d17e8f1b5b7a0b9d1bfffa0bca80d973
SHA1

6c5f7e16975d16976a9fe2263ecc83f15c87ae00
SHA256

642f639e934c609885fe1a7a26495a423cf0a46ae6aefffd39671b8a032f0239
SHA512

db6acc695e515cc6cbd8ba07ef08e774f31f813813cf0627fe3f900f3952cb4eebe05b376426b11a6f6f44d506129fd5484ece0e7c00df5c14f061d1a795ed1a
SSDEEP

384:K6cvHTslF7U3lN4FhXjA+tJonFqCaNoalgL5kq:vcvHIlFwH4LnSRa6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d17e8f1b5b7a0b9d1bfffa0bca80d973_JaffaCakes118

Files

d17e8f1b5b7a0b9d1bfffa0bca80d973_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abad194ff07b8a1633b47e6268df8641

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtectEx
ExitProcess

user32

GetWindowModuleFileNameA
GetClassLongA

Exports

Exports

Glkfgmkgad
Rkrmubxxv

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nldata
Size: 800B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsec
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ