f69de945b97daffd04ea352c6d56a13a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f69de945b97daffd04ea352c6d56a13a_JaffaCakes118
Size

188KB
MD5

f69de945b97daffd04ea352c6d56a13a
SHA1

608e092182de22a9c09e15ace6f437a5a4cd5793
SHA256

618412472f32fdab411b15173c10966dd2cc84ea44778c3e871f569c171b630f
SHA512

ce64c1b444232d1a0415beddaa3613363b66030372ccc32dd888bf36866c7ac17ea49606f9a7011857a3dbb6d199839e9dc8cfd4907f58b1747c60ecf5d260ae
SSDEEP

3072:meRioYsT9fcPMYdnJXAt7uOCGdkQhWOdy138VJcZf2S/QyDoxPfeyUqfNwTZj6SQ:4ozcPMiJXWqyrWOdQ3OJctFQyDoJmyCi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69de945b97daffd04ea352c6d56a13a_JaffaCakes118

Files

f69de945b97daffd04ea352c6d56a13a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa77d18b40072a7e1dc36630aafffd27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect

Sections

.XPack0
Size: - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XPack
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE