21022536add796c0b1ddeb273153a74d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21022536add796c0b1ddeb273153a74d_JaffaCakes118
Size

77KB
MD5

21022536add796c0b1ddeb273153a74d
SHA1

22199e41b1fd0a98da5f135d50d3ef97a5780b2f
SHA256

6d52c8af4bf0a3f423eca839f17f3c6c2bf6758843dc20efbdb3a029281a0a0d
SHA512

d506d1b46dcd11af2e006020b46464565e20c5735739875f57123e08437138c94e331197d3cb619544563d7ab4cb648b021c1a5d0120bb0ffeb3d7afb45a3777
SSDEEP

1536:JsD0+7CxIWDuyF4e5gZnJu8aqiJqad/tCxIsd5/o/0N8B3NbSiEDkTH7:KH7CxIWDDp5gvu8a/pKIsd9o+coi7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21022536add796c0b1ddeb273153a74d_JaffaCakes118

Files

21022536add796c0b1ddeb273153a74d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE