e1354ca8f10ccfff873e0739d6c5f6fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1354ca8f10ccfff873e0739d6c5f6fa_JaffaCakes118
Size

532KB
MD5

e1354ca8f10ccfff873e0739d6c5f6fa
SHA1

9e2f753696a86ba0dddb101853207747d3b6b928
SHA256

47b4b7fc9b4296daba99c83c2625aac5058ec01dd30cac8aa443aa4a42bb97b8
SHA512

5bf42ae9c329f34d030a45154c8c0e6c565926f9d02e73e3f1f4702525e1279b94f59d1f59686de1039297df82dd368a3025f470a4b08d389a7d019e4c41d146
SSDEEP

12288:JBFHk+s/i6WzLVFssV3mj7/O2HdBS8r06s9F1znsrFhqP1Z02YEc+KzczFfB4bd:JB9Ci6at0/tBvKRsXqPRYjjmfB4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1354ca8f10ccfff873e0739d6c5f6fa_JaffaCakes118

Files

e1354ca8f10ccfff873e0739d6c5f6fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

CODE
Size: 162KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vsp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE