0aad82c95aa2c597619b1e66885f95c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0aad82c95aa2c597619b1e66885f95c4_JaffaCakes118
Size

108KB
MD5

0aad82c95aa2c597619b1e66885f95c4
SHA1

65a1a9a8689a1277f4356a76bee2bc2d787d59e7
SHA256

5e335eff752948f8e5ce1f8506b4880159aa15d3b5ee9f27d1741f7612c6a897
SHA512

b7467d997345fd59633d0f709286c3bc4a1e393d9ce59d95e6f6826ac5b1ec8084b4b6d2a5ec7db7b156e4be3f5a02fd817b1f34da208bd52777521d96ab3245
SSDEEP

3072:KWResByQnMmx468N6Z4HmxwLu01cWsTJtd0/BD07HZrxLHry0pWKm8Y:NResBvM/68a4HmxRJJkp0jl1zpvm8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aad82c95aa2c597619b1e66885f95c4_JaffaCakes118

Files

0aad82c95aa2c597619b1e66885f95c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a53f732e1bbd70e2b3217e8d53ce6afb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

Sections

pec1
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec3
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE