d50286deaaaea0d48ff03d6e21d913be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d50286deaaaea0d48ff03d6e21d913be_JaffaCakes118
Size

584KB
MD5

d50286deaaaea0d48ff03d6e21d913be
SHA1

23acb7e98c7c7fd656f1b01fbfc16371ea744789
SHA256

f02be08159a2a808008965f0851a54e4ddf820d4bc6493e1c6000d3d6f80b643
SHA512

dba655e32c697f18bb5303ddf18bc0270a2e8f5aead84ebe88b8d10fb073de39466b7d5e685ce606dcb1a4a67dd2186208416dca7f7b40e06356057324935c68
SSDEEP

3072:cOucr4iXDvSj9i1vnkIqjN+x+y1o43Web56wfX7bV0iRq+zU5pETkgE5/fkPtwvj:drurNON/bnJP6pExE1fH7x/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d50286deaaaea0d48ff03d6e21d913be_JaffaCakes118

Files

d50286deaaaea0d48ff03d6e21d913be_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z56i3ftd
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gbtrs7fd
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ue0te2k2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE