eabfa9d8e1052cd35bcf2908e7f59016_JaffaCakes118 | Triage

Sharing

General

Target

eabfa9d8e1052cd35bcf2908e7f59016_JaffaCakes118
Size

6KB
MD5

eabfa9d8e1052cd35bcf2908e7f59016
SHA1

c57792fa9fd73144eeeab2ddf3e05dc952b112a0
SHA256

30e955c0433e86014e2824061d1a6fc5ff7e529fcb8ac63be472e5fa13daf669
SHA512

74516783c3579f06aaa5ec8dadaceeaa107faf351ed226c04c37d5fd4de6042105b930c23234ec0bc10f695516fea15d261bf68a8d4df28bcfa9e439abc64a19
SSDEEP

96:z+Z89rIl5RaU73GI66tZyVJj7uMR7GUV4F2POnSp2U:aZ8V+oU73GaK17dRae3Io

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eabfa9d8e1052cd35bcf2908e7f59016_JaffaCakes118

Files

eabfa9d8e1052cd35bcf2908e7f59016_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c12c1d512453ee9c2574ef52bc5167b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualAlloc
GetProcAddress

psapi

EnumProcesses

Exports

Exports

getBuss
getCuss
getMuss

Sections

.code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 379B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE