f52cd2eabeee4d875c62dbeb88afac2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f52cd2eabeee4d875c62dbeb88afac2a_JaffaCakes118
Size

709KB
MD5

f52cd2eabeee4d875c62dbeb88afac2a
SHA1

a1efa8df88593e9ac9694615b145e0ce6eac1a30
SHA256

c1d41974a400a7a648d8c0fdcc805b61a0d31557394b2fe2f3f8ff890a41a6e6
SHA512

f766320c3983e7cfbbd88f8ef84c7281f0a6eb2209c17505308e4a725f1e09d8781f789e30d5734f6f101d7e0b2130f4996995b57d9a98d799a7e3e83b8d17b5
SSDEEP

12288:YNcj0xiAcIRHa1lL90NiyGGaDkgsYwHCBnL1MdFctQr36mqXNAZPcu6JNsfqdcNK:YN80zLGLTrFD3sYmCBnhMdFctc36vNYq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f52cd2eabeee4d875c62dbeb88afac2a_JaffaCakes118

Files

f52cd2eabeee4d875c62dbeb88afac2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 684KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 703KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ