dfed98cbf83bec5b64ce693a88b8e224_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfed98cbf83bec5b64ce693a88b8e224_JaffaCakes118
Size

505KB
MD5

dfed98cbf83bec5b64ce693a88b8e224
SHA1

b36678847442d6ee0969364a941cda66f0ac2a2c
SHA256

2e424c917f2e4805e189093fcd81dd2139d9afd3574c10f247a3494569e5586a
SHA512

70d083293fd57a587029ebfdc266ddd1734ac0d159c49cf1537c1a6a67697e36286e2c4edbcf65c6afb062b5796e992d490f8d80b2619cbb1682f7afb0ed2083
SSDEEP

12288:U7BIAifkrDDX+UhSdabYb6HHHziiCQwpdAIud0np828ZBSfC2Ft0oc:IWAif63sdoH+iIpdAC+2E6FtR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfed98cbf83bec5b64ce693a88b8e224_JaffaCakes118

Files

dfed98cbf83bec5b64ce693a88b8e224_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 498KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ