fb5163f691b33aa10140731b21e3925f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb5163f691b33aa10140731b21e3925f_JaffaCakes118
Size

455KB
MD5

fb5163f691b33aa10140731b21e3925f
SHA1

09b337403414c996f6ef2e31f38e1ed6e3b7cb72
SHA256

881a9b89f9ee0da368625334873b4802669dee0f11205df93393d62f382a80e0
SHA512

33f6b7d3098c907f03f84476e157b333b6ae26d492a034f948f6143b2e49e73c93ac8a5c8905b1aa5e8a9571595f83a64c5c737a437e606da0429c125a4ffb21
SSDEEP

12288:6fwFS07Bvvm1F+AmeUw+EeiqBjMxdVhuXm:bFTfeUwvxdvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5163f691b33aa10140731b21e3925f_JaffaCakes118

Files

fb5163f691b33aa10140731b21e3925f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

Size: 25KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 335KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE