28bd11c78e03c14be1768b9baf2524b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28bd11c78e03c14be1768b9baf2524b6_JaffaCakes118
Size

62KB
MD5

28bd11c78e03c14be1768b9baf2524b6
SHA1

11bd46004d93d574c1e799840a312fc7d0c66082
SHA256

94f5ddbe8d3135626919d6f273349e03413d71e6129aee7d68d94361c11841a0
SHA512

e729f65c350238e1446e49e8f86215d071d4d202adc13a02f19a1da22eedf9771ff6fc0dc75ff4543d6ce10181c4bb08507d8cae782c02a68cb39220c84471bb
SSDEEP

1536:VWC0Bs6wT12xV1YqbaM892i1/6ohEkB15OTSwq8kM1onF:isZT12YqK2QX3whPoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Security.Explorer.v5.32.Incl.Keyfilemaker-EMBRACE/keygen.exe

Files

28bd11c78e03c14be1768b9baf2524b6_JaffaCakes118
.zip
Security.Explorer.v5.32.Incl.Keyfilemaker-EMBRACE/embrace.nfo
Security.Explorer.v5.32.Incl.Keyfilemaker-EMBRACE/file_id.diz
Security.Explorer.v5.32.Incl.Keyfilemaker-EMBRACE/keygen.exe
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 50KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
keygen.nfo