d744b3baed5e8089e5add190815194cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d744b3baed5e8089e5add190815194cb_JaffaCakes118
Size

17KB
MD5

d744b3baed5e8089e5add190815194cb
SHA1

b5c3b20c6b3573b2b21e62eb178293010b1fb2c5
SHA256

7cef59a2a94cb262526fd77d43063c52f1faee861df444db9deab3b8b06f14ee
SHA512

576d37c98fc0ff62a2107c95a7e52f58c9f43d67bb157c23837f4c06155ae844a7209cb731e0d5523a6ea2f09da6011968e73c8cf07e48c1165d080b05e43655
SSDEEP

384:ms+PKsUUB+4SsofWCtgIeDGjlMHyDmG9Lp3eXeHxzAvjoI/Aq:h+ysm4VouCdeMMHyP9F3eu2bo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d744b3baed5e8089e5add190815194cb_JaffaCakes118

Files

d744b3baed5e8089e5add190815194cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37c0608f24ea4f5b69005df26d5dd626

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bedrock
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE