fbd12b9523acc718ff0c0cfb4fb91d60_JaffaCakes118 | Triage

Sharing

General

Target

fbd12b9523acc718ff0c0cfb4fb91d60_JaffaCakes118
Size

115KB
MD5

fbd12b9523acc718ff0c0cfb4fb91d60
SHA1

25130e7febc397d94be73cece2984d4817736f54
SHA256

68565b556a3a0010dae3e9c3eb1c365228042349d72499ebda5a5caf89527d63
SHA512

1de556eb55198ed358f0604e81b3624215de2432aa90e3f217a102a090fae69a2afd13ee00e1c08c326920348d84e075eaa82cbb519e47afc3f70ddcd2532ce1
SSDEEP

3072:Gdi/FU/69PANa+/NDObNAPZvCEd5ONeVIpc:G49U/YQlNDyAMouEQc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbd12b9523acc718ff0c0cfb4fb91d60_JaffaCakes118

Files

fbd12b9523acc718ff0c0cfb4fb91d60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

641550193d64eb4cb12225647d1087ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetUserDefaultLangID
IsDebuggerPresent
VirtualFree
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ