f97b9d28497bf653de9008c2558bf646_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f97b9d28497bf653de9008c2558bf646_JaffaCakes118
Size

325KB
MD5

f97b9d28497bf653de9008c2558bf646
SHA1

3e5b0d1f931f0f10e69f19d09ed5d5984d1a0242
SHA256

2faed72d9f4ae65d26fb1ec8f89ee56d085865974b1342f24fc06020a60b8d8a
SHA512

6b84d619fbebd1864210255d0f81ad030729ca323a1c8a74ec1922bf559e6033cab3f5895993b5c7ecc479885dee33adbf9b381db0c94191e0a07c9ea9446435
SSDEEP

6144:o38tbq2CgMh333Kd37OH/Z77rKL7yk9jfEv2CgMT333Kd37OH/Z77rKL7yk9:E0bq2BMh333qM2BMT333q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97b9d28497bf653de9008c2558bf646_JaffaCakes118

Files

f97b9d28497bf653de9008c2558bf646_JaffaCakes118
.exe windows:1 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

CODE
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 185B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SMT//SMF
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE