dc201a414807a2dbac7979151fcd2b65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc201a414807a2dbac7979151fcd2b65_JaffaCakes118
Size

16KB
MD5

dc201a414807a2dbac7979151fcd2b65
SHA1

380438bc2fe35eab445ddd934b5c7bd7d9c0d005
SHA256

2626316f01cac8f86b91cdee0df021a1b872fbd8bece852d2e8ab9731326eb13
SHA512

fb2430dbc7e6f84abf51a691629e792f71e37ad34d989f9839a7b8661b48dd86dbfc21d4739f0537fa443e0523a51ae7ae2c77a33993bf2ee3e2b06473ce6484
SSDEEP

192:An/0fIZ66EoB2GMZsKFtpLaezCXt0wK0srj9DTInJBsf2GSFHN+5n6P:16EoB2GqFHuXzGojFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc201a414807a2dbac7979151fcd2b65_JaffaCakes118

Files

dc201a414807a2dbac7979151fcd2b65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2e4be8bca785bdc8b6f612fa15d82a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LoadLibraryA
GetProcAddress
VirtualAlloc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ