d71589b8817769dc2300bbbf741cce32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d71589b8817769dc2300bbbf741cce32_JaffaCakes118
Size

334KB
MD5

d71589b8817769dc2300bbbf741cce32
SHA1

433318cd404493199ce7d6d7f8f7438531d513e3
SHA256

40c324c86c8be0f7a2319f6829b86c678eafb8617d96fca4a1fb21768aaed7e6
SHA512

408380e45c6b7da089fe16af45913ebe6fa9d407297089c407d44d99ac07eaa05ca3708c6e231f2949e782da7c2bedfecc0250728ec7da8f850a4ccb1a6d85e5
SSDEEP

768:ER6cN84i9mlggijXIjrH6U00zrxdefegYn9Q/tVFQJ9QHrxdefegY5H6U00bJ:EVXikHm0vbyf89Q/PFs9QLbyfCHm0bJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d71589b8817769dc2300bbbf741cce32_JaffaCakes118

Files

d71589b8817769dc2300bbbf741cce32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE