d9dbe3e840b16cf7140c1e2dbc01cfcc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9dbe3e840b16cf7140c1e2dbc01cfcc_JaffaCakes118
Size

16KB
MD5

d9dbe3e840b16cf7140c1e2dbc01cfcc
SHA1

59cf9bb61a5a1d8f5579ad406d03873660a74589
SHA256

c6aa462e915cd10233c85e02e48a096aa43328730b6c3fc13938af980b86b0d3
SHA512

13f79f81696622a2780578b63c5edb775bc094d0e9282fc4cd5546e9d95a723d9008f775ec70bd0010d815f76757943a22c44ab6293997eb926488abe4d74f63
SSDEEP

384:qKDYne1rR1ER17NVz905NSw9DcWj2jP4wm0ucOHdAZCaDOc:q8jrR2v7DO5NSsijgwmqXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9dbe3e840b16cf7140c1e2dbc01cfcc_JaffaCakes118

Files

d9dbe3e840b16cf7140c1e2dbc01cfcc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f585d2ba51495dc8146d98d4c9f04607

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
IsBadCodePtr
GetCurrentThread
FindClose

Sections

.text
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE