b094642fca0dc298bff1b3ca14d28c2e_JaffaCakes118 | Triage

Sharing

General

Target

b094642fca0dc298bff1b3ca14d28c2e_JaffaCakes118
Size

1.8MB
MD5

b094642fca0dc298bff1b3ca14d28c2e
SHA1

5a59693c52e521bc93744e55a7a71176ef355435
SHA256

dead559264ecd8be5c4819ef9e0049f54bc4a237432970a1e69c557657693325
SHA512

88525822e4bff15a2709c7d272cf5d32440d7320e48fd41a17b73bf6560b0877a2f9a2effd462fe8098f82239fb0cb75882e6fecc84822b5c3c1bcbb2d11f6a0
SSDEEP

24576:Dd9/GO8M8hjUGX9YPKYCbU+6JIZf+8AzZqVl69eh2rQ51lJ2ga6KnXJEsCVUKKC7:DXHwAQyKaJ6GNQn2Y2mNa62XJfKKS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b094642fca0dc298bff1b3ca14d28c2e_JaffaCakes118

Files

b094642fca0dc298bff1b3ca14d28c2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bed2b2be86acf9cae8727bbcd52bbe5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
ExitProcess
GetProcAddress
LoadLibraryA
VirtualAlloc

Sections

.text
Size: 547KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ