213b2a6c290462b0806c64c3e359bc28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

213b2a6c290462b0806c64c3e359bc28_JaffaCakes118
Size

106KB
MD5

213b2a6c290462b0806c64c3e359bc28
SHA1

f23bbc180807292aeda8c19bbed34a29316f9de1
SHA256

9a831e0722248aa8efbb82404ec55ad65af3d963f9dc9243fde843c721ef8f14
SHA512

a9b84a95598ca8e29c6859126e70bf7a199c65cf727d8d0fb3b1aa6418efcf36624227a9dddeead86847098bf395ceacec1ce2a6a69d2639878d2008b3bce39a
SSDEEP

3072:WxWp2ismX0Fk1QNtZDVDlW+WAbZLabyxG:Jp2oX0Fk1QNtZRQ+bZuiG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
213b2a6c290462b0806c64c3e359bc28_JaffaCakes118

Files

213b2a6c290462b0806c64c3e359bc28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 35KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE