2ec5a6a05dfd70e65f0375934f2bbb06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec5a6a05dfd70e65f0375934f2bbb06_JaffaCakes118
Size

13KB
MD5

2ec5a6a05dfd70e65f0375934f2bbb06
SHA1

64257cd087ef5c97fe5a14b920d60185f37b9d2f
SHA256

2076def67361fdf5d4299ac1747f2b4156f21dcb4d8b8bdb7a41c013600dffc8
SHA512

3e1b5bfe403866ae635211b49680d0536a059438dd13327391d4ebd685e234e7668872ad7cf5709e65962fe60c28062989dcd8c993fa45de087a14b61a28e085
SSDEEP

192:tch3KuWLsTlE/KThi0sT+8d3VIjPq+er3D6u7/pyCRwWMb2UtAQJ1:tfZME/iVsJ/3D/pzHMb2KD1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec5a6a05dfd70e65f0375934f2bbb06_JaffaCakes118

Files

2ec5a6a05dfd70e65f0375934f2bbb06_JaffaCakes118
.dll windows:4 windows x86 arch:x86

467aba1d009f28b50ac738991c04ab47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
FreeBuffer
Release
Start

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 317B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ