f642261e1feb21a3cf43711717402d24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f642261e1feb21a3cf43711717402d24_JaffaCakes118
Size

993KB
MD5

f642261e1feb21a3cf43711717402d24
SHA1

6b036862a907e32144c127da1e14125a78a21b13
SHA256

6d2fe03e012f812dc4faabe4172af7c5644bee7399514f652c53bc079e67a0b8
SHA512

122da063da74a648b7e9b03f168c3ed31f97c491e6cb0e72ac6167178ab42c5f6213ff8acff4c5ba5edcccc8d5a447e0051a0a3bc31dc3aa0664c5bf0dbad0ee
SSDEEP

24576:M3BkoLB9Da2BxGdYUab4BjoYcqmXJwx9q4RBCXpWz:M360cSNYUJMqs00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f642261e1feb21a3cf43711717402d24_JaffaCakes118

Files

f642261e1feb21a3cf43711717402d24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

.text
Size: 33KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 931KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.teraphy
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE