fdc472190c501f5f0b9b1ccdc03d221e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdc472190c501f5f0b9b1ccdc03d221e_JaffaCakes118
Size

115KB
MD5

fdc472190c501f5f0b9b1ccdc03d221e
SHA1

e5e65dfcc89fbd4aad47039581901196d2aa0c7d
SHA256

0db944c3020b747be3f2812409802e26fa5bee606137a5cf82d67320fa9fc997
SHA512

b1cb58ebc7faa2bed9c874e18409e0c0884344e4f90a60310b4ed1db5148949622cfaa777203f84d3d65d2650855521a95a70e0bbee1d8f08d30cad4a044b152
SSDEEP

3072:PnsEyGnr74RfPVu5om1PtNOnNK15Z/dRXE:PsLGK859NUNsnrU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdc472190c501f5f0b9b1ccdc03d221e_JaffaCakes118

Files

fdc472190c501f5f0b9b1ccdc03d221e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b8d618c07b9a4d34faa6f914221f98b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsDebuggerPresent
GetTickCount
VirtualFree
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ