fb700f4249b7cd7b50136e072e184eab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb700f4249b7cd7b50136e072e184eab_JaffaCakes118
Size

111KB
MD5

fb700f4249b7cd7b50136e072e184eab
SHA1

4a2db46ecc737b3a431446d04dfcdc2dc2fce691
SHA256

eab22bdcbd93dd52d8be80d6749baaf0366464f2333cd30ea9a5ffc2bf18e079
SHA512

d63590f5622ef2e6da46f50920173013d6a0bb3ba84c78443dc4f0836146fa12ee27aa9279e499ef99d969109003d960d0a408043f761fdfeadce6facb6dc78d
SSDEEP

3072:Wyg7tx3IljqOXqBU2VT9sB5rYPExj3jMMvAAJ3E/Re:WygxSzXqeuT9axo+LjMqB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb700f4249b7cd7b50136e072e184eab_JaffaCakes118

Files

fb700f4249b7cd7b50136e072e184eab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c12c1d512453ee9c2574ef52bc5167b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualAlloc
GetProcAddress

psapi

EnumProcesses

Exports

Exports

getBuss
getCuss
getMuss

Sections

.code
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 379B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE