16aa72319a9daba7737aecf14337471d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16aa72319a9daba7737aecf14337471d_JaffaCakes118
Size

655KB
MD5

16aa72319a9daba7737aecf14337471d
SHA1

b3d49546ed55939ba115b03b10753c45e2ddfc18
SHA256

46ee45a260638e480989600b0906d2c6cc37e3b7fbba6d48036759cc33894293
SHA512

cb34cfe2a08510213a1c2e5c3f614bd5b824d598386a27b3e7064af947aabd0a650b4828927a8567b6d3b7f8f0217b86bb009e2d4aee67c1a5415f0e5e378a14
SSDEEP

12288:6/el+sJzHZ3QDEZ0AhDc1SS8pVFSHt+bspeqTwELKpxbL5N2H53zAl9P:0s5Z3JZRy6aH8wwqTTLK7btNM5jADP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16aa72319a9daba7737aecf14337471d_JaffaCakes118

Files

16aa72319a9daba7737aecf14337471d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 132KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE