fb0391c7b369364c2c98566bc30a4593_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb0391c7b369364c2c98566bc30a4593_JaffaCakes118
Size

47KB
MD5

fb0391c7b369364c2c98566bc30a4593
SHA1

ec52978831fbd9d2c74865fb60e04d3f370f7f42
SHA256

9a6062ed24f1598ba0f0eb7b852dd4ab0d624eb3f77b865b384637040ad242da
SHA512

dd3a863c7064b1e08874318c715c5b39d3a4a4efa79c9c1fd30fdc42e87a351e98e18477b7f1af5ad7073aec737c4c09f78f5822498cc694f76d4f43bed83695
SSDEEP

768:F74r2+br892XHnV4Yt60xfvAiDyh9u80pfmpHl6KqcEAk4L2sNEWD1wDy:F74SU8kXHaYg01Y6u9osl6SKB2JwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb0391c7b369364c2c98566bc30a4593_JaffaCakes118

Files

fb0391c7b369364c2c98566bc30a4593_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT2
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE