dbf4266e1b6ed67dd1aa3bf78ec3a3d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbf4266e1b6ed67dd1aa3bf78ec3a3d6_JaffaCakes118
Size

114KB
MD5

dbf4266e1b6ed67dd1aa3bf78ec3a3d6
SHA1

a0706dbd02ff0a715f75fcdf5cb19163db09f7c9
SHA256

521a91be4ecc77e36a61121b65cc189af738a52dc0e7899fc870283834016d2b
SHA512

7dabd18b347d58436d85539d045d4ba2ef914d2c75df156ed12e8d81a6f5885a452bf3f43d99a68ca2cb7226a7a1e5177a59f4a13a55014d67d4bac576c48b28
SSDEEP

3072:GtovDUmmSOWp4qFlQUUwya0G290uC4dP1dIWiwyoK8a:GqommSOWSdNfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbf4266e1b6ed67dd1aa3bf78ec3a3d6_JaffaCakes118

Files

dbf4266e1b6ed67dd1aa3bf78ec3a3d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fd3a1568b5bfb556f43e355398354c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
MulDiv
GetCommandLineW
VirtualFree
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 189B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ