e2602988bfc5a2f9f39fb6bb4ea17af4_JaffaCakes118 | Triage

Sharing

General

Target

e2602988bfc5a2f9f39fb6bb4ea17af4_JaffaCakes118
Size

273KB
MD5

e2602988bfc5a2f9f39fb6bb4ea17af4
SHA1

414f2a36e0a369dccd4f73fdb6092a0096807508
SHA256

d1ddb694590cb7b1510f5c2160a32b21cefbf825b5154d4172c006ef54f9987e
SHA512

97ddf5f947411f6bbb4a6548dde0b55241d41c57404073e5533ec88286f611459d4cf5f108ee4cd19194b06bf0b7a55046f309a026424c01659d94d0f60611e3
SSDEEP

6144:xx+gnFO2GqK22eH9HaTmS+8QfhNRdw8tRQIWEy/a:xx+KAiHaiFtfjweR8J/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2602988bfc5a2f9f39fb6bb4ea17af4_JaffaCakes118

Files

e2602988bfc5a2f9f39fb6bb4ea17af4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

232d726a3851bab2c3536bbed42915e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
ExitProcess

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ