21a534fc2e903336f66d1e1ef60f4553_JaffaCakes118 | Triage

Sharing

General

Target

21a534fc2e903336f66d1e1ef60f4553_JaffaCakes118
Size

2.8MB
MD5

21a534fc2e903336f66d1e1ef60f4553
SHA1

f252913d09a4e2e798c71056ceba7414d60985df
SHA256

59fe0e134a0a2809fff1b3d0bca7605d501fb792c6bcdc3896eef0d0b37f2fdb
SHA512

9724959c705e7c9ba98702fe171abcffa9c8a8c573ff7234affa3733c6b456e9dc4a23292042039530f3e93643b674f1a88daea8f9bba963e8cc135b1337769e
SSDEEP

49152:IBIVz9+IjaMqJFWBZOh6/a+jRO8wgm8KtngEvWUx6gFQE5Ut949YFIleD3l:IBIt9+ImdJFWB9a+jJm8KpznFVUf49YR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21a534fc2e903336f66d1e1ef60f4553_JaffaCakes118

Files

21a534fc2e903336f66d1e1ef60f4553_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62d879766c85b01c8c01c3339e85d0a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 msvfw32

PostMessageA C:

Sections

.text
Size: 2.1MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QunYing
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QunYing
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QunYing
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QunYing
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ