f589c81371c294ed00992ec8e98ff98a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f589c81371c294ed00992ec8e98ff98a_JaffaCakes118
Size

59KB
MD5

f589c81371c294ed00992ec8e98ff98a
SHA1

3458a478b53ffc904808a37590576cc094e1c3a1
SHA256

45732024c7525c39d2d8ff4436659080229d8e52bd1469982fabe303e7d9a4ee
SHA512

4c6c693c4e815ad527c2d84fe59c186aa16822539ffaa8c3cfb40898225f9a908fa3296776612ec699639da7a942500c4b8118c2d35c514c4fa25492658f0b47
SSDEEP

768:uh2PZRiB0/O3JF5lVxYrDKlU2piBV/9Xr6BZ1S5xkta744oz69MetQVoX5:ugRR62O5f3ar8iP9Wuxya7869xSKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f589c81371c294ed00992ec8e98ff98a_JaffaCakes118

Files

f589c81371c294ed00992ec8e98ff98a_JaffaCakes118
.exe windows:8081 windows x86 arch:x86

7a7803027531302026dedc7b5f6025f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress

Sections

jrizzyiq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qyazaayq
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yajqiaqj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jrrzqyja
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ