e9ccd4507aed6e5176eb0bf0c460651f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9ccd4507aed6e5176eb0bf0c460651f_JaffaCakes118
Size

773KB
MD5

e9ccd4507aed6e5176eb0bf0c460651f
SHA1

99890650726ab06ad4ff58341491df38aa2ac5c5
SHA256

91ed5941827fd7680ed527caddf806e74947436bbb6329e8f7837d7a005615fa
SHA512

8b3733f71ab29be98a8dc95ad2c504e88166383ea7434af0e739362ec69cf43ed84c8185e23f5dfa5b62bc38927f0d70c859d880b20e3911b98a33a911dd718a
SSDEEP

12288:bOHNj+R2o1FTBRJRW1bkWUs59S2vFjuZgk3lPVVxTu+j1Daa:/B1F3JE1bkq5AZgk3pxu+BOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9ccd4507aed6e5176eb0bf0c460651f_JaffaCakes118

Files

e9ccd4507aed6e5176eb0bf0c460651f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94c7366d739e7bf962bb011f2c5fab76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
GlobalAlloc
ExitProcess

Sections

pcs1
Size: 343KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs2
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs3
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs4
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs5
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pcs6
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pcs7
Size: 425KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE