JaffaCakes118_31c01b92a1b969925ce36c57374df0e2 | Triage

Sharing

General

Target

JaffaCakes118_31c01b92a1b969925ce36c57374df0e2
Size

739KB
MD5

31c01b92a1b969925ce36c57374df0e2
SHA1

eafe68beabc6de3757985f47594b6fd898d340d2
SHA256

74c2be2ad7638220e90fb7bc3b8fcb803250bc6cf09077e587a505c357f90f91
SHA512

7d77e2c184820ca1e42a2720b499719dfe1800f3215bcdc71408999ac987f2acdc5c5e11a7141f50ca759ce4c40cfd1d85ae6e77b2337e31e7d466c77348fc27
SSDEEP

12288:hfjZl2g5ZCNmdckHxQ5xf/gCUhtQMxKPZiGrN+qBDm6k3KqiHm:J2g5ImHQf4vtV8wGrNXwuqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_31c01b92a1b969925ce36c57374df0e2

Files

JaffaCakes118_31c01b92a1b969925ce36c57374df0e2
.exe windows:4 windows x86 arch:x86

1bd6a1cccc0acf0bc50f0359268b4fc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

_CIcos

Sections

pec1
Size: 585KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE