10f94ba0500a62582c892cc95e255f89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10f94ba0500a62582c892cc95e255f89_JaffaCakes118
Size

40KB
MD5

10f94ba0500a62582c892cc95e255f89
SHA1

ca21f0e81b0b625ff09631ca7aad9589387aa4b8
SHA256

e87d14d9802505285b9fdcc20dba2b13f0b95f8113027b36a0c324c8dfc2a6a0
SHA512

c9a8884768adcb6ffa1281b9fa9da7d13851ee27260f2a51b15bc61b81af2535a59811885796b4e24862267e3b1f9c021ac98cfbc54bdfcc8bd69a797c12f0a9
SSDEEP

768:/8WN0Qf1B7OW0WRF8TirE27qVbKIr/x7vC+OBBOm5RXwnVJoxKFa:/bN0QdB7Oi+hpq/BAKg58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f94ba0500a62582c892cc95e255f89_JaffaCakes118

Files

10f94ba0500a62582c892cc95e255f89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7333743ef063a68d1d860bbdf1c328e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc

Sections

.WWP32
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WWP32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WWP32
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE