ee523f0176978f2eb9ff29bb3215c9fd_JaffaCakes118 | Triage

Sharing

General

Target

ee523f0176978f2eb9ff29bb3215c9fd_JaffaCakes118
Size

685KB
MD5

ee523f0176978f2eb9ff29bb3215c9fd
SHA1

6345856c55e24dbc6d4cfef9708582925b71d784
SHA256

e04c2cb66a5a074f17ac0211fad1ea2ff2f37ea684c6818ef7e5d40c600b3c58
SHA512

ef0a0a70cbc4e7c60c69963413f9e00d54fabd730eb5f4182d7a070fbb537094d3b6c4970ef45afab755d517d68d30389d03c3b064def9c4cb2b0f6914157ca7
SSDEEP

12288:zOBItp7ioIt4mAlgdFDb4TzBnlDxKMIQvSGCpVdXsqd1I:zOBC+8IDb4TlnSMlSzpVdXsu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee523f0176978f2eb9ff29bb3215c9fd_JaffaCakes118

Files

ee523f0176978f2eb9ff29bb3215c9fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d76f4237a8ae158292f09835997a1d9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA

Sections

hdxhwxwz
Size: 29KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dmjjoowh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ukdmegip
Size: 479KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

napcnkdk
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE