db4a01fd276fdaa3792b5996a08fed13_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db4a01fd276fdaa3792b5996a08fed13_JaffaCakes118
Size

259KB
MD5

db4a01fd276fdaa3792b5996a08fed13
SHA1

01511786ee9314b79cde2b0eff3a2e18e7f7c3c9
SHA256

061d47a87d23d6c14352a712f3e959b0ca93dc315e19a1aa7d34efe7500a7391
SHA512

d25b488e4c637d3a939aaaf9a0ffb3aae106d411ba8c97d4a629b871289770d31206bda956aa4b7fc173fff1eca024b5b2cb0608c6a9794ec4a8290b733a8463
SSDEEP

6144:k0d5Tc5f+/N5fdY8YKibFdCksq1TzvGYXRz6N3N06:TDI4l5fWNKivCA1TPKT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db4a01fd276fdaa3792b5996a08fed13_JaffaCakes118

Files

db4a01fd276fdaa3792b5996a08fed13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8111320f794d9e62a7ffe5d84bed59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc

Sections

hmimys
Size: - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE