0f42fc26c109252dc34fc36476855754_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f42fc26c109252dc34fc36476855754_JaffaCakes118
Size

401KB
MD5

0f42fc26c109252dc34fc36476855754
SHA1

69af6fa896c9d240fa05805b5d3a3bd261371b36
SHA256

e1f3f4c79254fe5bab7a9e6d6e1b1bee9fbd8e767eeb82f34ec441f20405524a
SHA512

c5be6c1eb12b4747a5d2a637cb57dcc99e7a0ca1eb63d47d5106a7db0e8301218fb0d89d92209e3f981c88c4162ba3ae16b41afbf87ef80af16e8793bcf10979
SSDEEP

6144:1wxbmg0OgSE9DSLIddVsOQd6XR/qRLTYGBb6piSCwqm2wqys7qeCSaJ+hpRtSYII:1wsKi9rOd6XhCvBb2rnqy7U5hpRtjb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f42fc26c109252dc34fc36476855754_JaffaCakes118

Files

0f42fc26c109252dc34fc36476855754_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc39d484dc943b8061c712b3f3e27e81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcAddress
VirtualProtect
LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 417B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ