56de1cff64591967bd40c2f277bd5c0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56de1cff64591967bd40c2f277bd5c0e_JaffaCakes118
Size

2.3MB
MD5

56de1cff64591967bd40c2f277bd5c0e
SHA1

5845cffaf105d77d1d47e7a0dcf426f7ee7306fc
SHA256

dcc54ded3c7dbf93f6dfd58f7af5f7dcb519ab49453192fc127e8a25cde7a188
SHA512

ad7ddef7184fe338f8a1cf731ef8b68fbcc7e4076ea96e4ce681145dd01d09441e4be047feb88d3211ca120c2e8ae6576dc5bcc6cecab8bf10ddb0b652581eb8
SSDEEP

49152:+kvpmVBau3Of4FDMR1gfBhi8G6sEOulIsh/FG+Y1vGvuA:12B1+f4FDMofBhi8GIllIs501vx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56de1cff64591967bd40c2f277bd5c0e_JaffaCakes118

Files

56de1cff64591967bd40c2f277bd5c0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

755421a9e28c718dba40d5f991dd2849

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ole32

CoGetCancelObject
CoTaskMemAlloc

kernel32

ExitProcess
RaiseException
GetProcessHeap
AddAtomA
HeapAlloc
VirtualAlloc
GetLastError
VirtualProtect
CopyFileW
LockResource

Sections

.textbss
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 578KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE