f9eff950f8f0535878f61f0a67923e54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9eff950f8f0535878f61f0a67923e54_JaffaCakes118
Size

1.1MB
MD5

f9eff950f8f0535878f61f0a67923e54
SHA1

32715dd7e136d8b835469a19a7c45633438971e8
SHA256

90b42c7b947982043514de92a18a869d1bb544c0992c01152daac3b499e07fb0
SHA512

ccef11225572db343c7261f198364efc7702442a5eab9e0cf7a65a5fb125c573721bdc6d9e60b0c1c014b3915922ab588f925769c23b30a37b000dfc81631c3f
SSDEEP

24576:Pi0uI9LAv7rEyf31YHF6/jK08GA9+HCmhR0RmvqSzvDJ:q0Kvv1YHFYj9i6COL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9eff950f8f0535878f61f0a67923e54_JaffaCakes118

Files

f9eff950f8f0535878f61f0a67923e54_JaffaCakes118
.exe windows:2 windows x86 arch:x86

c79ecdcffb2c71c8cd81894418f9f026

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapFree
ExitProcess
HeapWalk
HeapDestroy
VirtualAlloc
HeapAlloc
OpenThread
GetCurrentThreadId
VirtualFree
GetHandleInformation
HeapCreate

Sections

.text
Size: 1018KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ