db2831d11859aa55a0d163ab503f66ae_JaffaCakes118 | Triage

Sharing

General

Target

db2831d11859aa55a0d163ab503f66ae_JaffaCakes118
Size

24KB
MD5

db2831d11859aa55a0d163ab503f66ae
SHA1

0f93a31ffd8423e10d33caf6255f8f79e227f434
SHA256

920630edbc2f873ed502215b7c06de14f797e3a49361418369f445ce0eb65b5f
SHA512

22683c26782522cf7b4462c3114bc0ff06cb8c316ac186c40d4d1e6024d60ecb3bc3f333e1863eff178eeb88edf320e34c8f03e49b73c5ecbbac02d83ad5ef33
SSDEEP

384:Dv7tBgrqxMZOBhAXo82mIcT7ivoqfY0hIwoX46PI4/inNcZCM+:FGAMZsdxcqvTArFdqnNo+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db2831d11859aa55a0d163ab503f66ae_JaffaCakes118

Files

db2831d11859aa55a0d163ab503f66ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCryptor
Size: 41B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ