JaffaCakes118_17903a2c75c2e497ca6cda1338ba4c25 | Triage

Sharing

General

Target

JaffaCakes118_17903a2c75c2e497ca6cda1338ba4c25
Size

370KB
MD5

17903a2c75c2e497ca6cda1338ba4c25
SHA1

e1a0660a8d3b8b55a397029aa4b2e937f66a29e9
SHA256

f505e0221579ed11341810a4a6760d2694e1d28bdae56c60519b52f254f29f9a
SHA512

285526ba16019e42ec5d6f7497ff2cea99dc5edd9926979d24483b3e786168cd5db4657b740b4bd5c696a320055ba65b46ac75fa3d84255e646c58782070dcee
SSDEEP

6144:IXPxDCR6ph7kqm3NE2Mp3JjuSQpSr5OuUElaPzaWYjwM09WH4/eoZj1J9t84Q0:aK6z4t31eZOpSpUElgxY8H9WYdd9t8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_17903a2c75c2e497ca6cda1338ba4c25

Files

JaffaCakes118_17903a2c75c2e497ca6cda1338ba4c25
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 768KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 361KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ