db472a60af5a71fbf3f810a9cd2b3225_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db472a60af5a71fbf3f810a9cd2b3225_JaffaCakes118
Size

190KB
MD5

db472a60af5a71fbf3f810a9cd2b3225
SHA1

8a4b75b9058ac38205b49bbe3ef92b8d7356bdce
SHA256

fe78db14551b6ba9b53d005443399eb43ed277ce8080e888dc8ca67f502e1d16
SHA512

044ee86b4a05803b076819d572e7426348f17e2ab84da312a0d8128692c83c299cc483ee40a63021815c1f4ae9a4abcb3da195961eeac1ee17595ad4cb171c77
SSDEEP

1536:KBPKqlBZDKa+jT/KDfsWq4lvOwcABJRcSvAr0QSxIZdG8miT+6Nu5BWTXWH5gN9:tOCvWqUvO5qJ9o/SyD7jNPGH5gN9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db472a60af5a71fbf3f810a9cd2b3225_JaffaCakes118

Files

db472a60af5a71fbf3f810a9cd2b3225_JaffaCakes118
.exe windows:4 windows x86 arch:x86

034248a60f7befd6fed4c2cc800e757f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
LoadLibraryA
GetProcAddress

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE