3f063156bce8ed8d4265bab8cbbf8305_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f063156bce8ed8d4265bab8cbbf8305_JaffaCakes118
Size

14KB
MD5

3f063156bce8ed8d4265bab8cbbf8305
SHA1

12307b5401019c8aba477ca5feb8cf7fa66fe40e
SHA256

70c9f189dfc7876b994db2ba87de661daeeb4ef97263eb8cc1283a09800169a2
SHA512

8531836c17da0d2bbf34869f1f013aad0df0b0e6b8d17b0c79ab4f7df396ef5cb7d8740342a5ccb9110571b02486c80c01a13cf9e92d7f33b41e407f8694e721
SSDEEP

192:0bmmqswjzuLGC1HRdzCRV3wHpdSoNBELxj6cjcjSafzWdPJSh1KHrgzGyG:s8PaxdzEV3wDSovcjcjr+Sh1K63G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f063156bce8ed8d4265bab8cbbf8305_JaffaCakes118

Files

3f063156bce8ed8d4265bab8cbbf8305_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94c7366d739e7bf962bb011f2c5fab76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
GlobalAlloc
ExitProcess

Sections

pcs1
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pcs2
Size: 11KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.khe
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE