ef48178b2024db7a60ff86bad216d6e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef48178b2024db7a60ff86bad216d6e9_JaffaCakes118
Size

347KB
MD5

ef48178b2024db7a60ff86bad216d6e9
SHA1

b17a22abc19d8f77c3605a177b39781818f93000
SHA256

2e4ad30c7c161cae4027c81bc196788ecfc14a308136d43e7959ce5a8b3c947d
SHA512

96b6d5f150edf8e3b9e38d290efaf38d56f2d5f1db8093792a94496107225e3389a8555844de51e96653dcf327c54758b6811b0eb609b3c17d9dbbf738217bce
SSDEEP

6144:pMsMx2FY2y+Z4Xu5SZmxFrI9K72PiMoZ5MN8IUFiUMsvO1x95qoBM5NELRfMOCoE:puIFY2y+KxmxFrIAqPSZGozMs2Pb1O5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef48178b2024db7a60ff86bad216d6e9_JaffaCakes118

Files

ef48178b2024db7a60ff86bad216d6e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94c7366d739e7bf962bb011f2c5fab76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
GlobalAlloc
ExitProcess

Sections

pcs1
Size: 323KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs2
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs3
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs4
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs5
Size: 512B - Virtual size: 35B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs6
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs7
Size: 19KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs8
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs9
Size: 1024B - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE