1810e616f3c9b411dffbe4e770d67e77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1810e616f3c9b411dffbe4e770d67e77_JaffaCakes118
Size

289KB
MD5

1810e616f3c9b411dffbe4e770d67e77
SHA1

39d3b5c3ead0de0c774642311f53323264db8834
SHA256

da455db16c64efd8c48a3da69801e87dfe4878ab7d4b4652984a85f56e757474
SHA512

0be0d85f5701bf67896c165d4e9b795b74bfc723bd140dbd797987f49559d548ae43334fdc7d87f35d856637758809f56bef53d627275a88031c284988c3f78a
SSDEEP

6144:WJEEY3gzCQnBfjpmBqjKBamiUAuNp5lxx21WK:mY3gzCkfjpClBam5N2d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1810e616f3c9b411dffbe4e770d67e77_JaffaCakes118

Files

1810e616f3c9b411dffbe4e770d67e77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12cb72fbf3308a9787db139482b7d132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetVersionExA
LoadLibraryA
GetProcAddress
ExitProcess

Sections

.text
Size: 52KB - Virtual size: 87KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 193KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE