2f592aefc2207eb8f1f5ecfe79daa991_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f592aefc2207eb8f1f5ecfe79daa991_JaffaCakes118
Size

124KB
MD5

2f592aefc2207eb8f1f5ecfe79daa991
SHA1

209f23992c0220799344c61a40639372541c6eaa
SHA256

7f3c0819413c7c6bd2db2a1fde1ece55a16ffb8b3d7120476c1182858dfa60ae
SHA512

48f8250dd48d096601f553b879b9dca562c123f5e0e28f4d4b2b5035c12ebf197e85f658065b8167d927711d3fb2165978c810c7256afd7ab1f164ada1233086
SSDEEP

3072:16vTRMlsv76cYl6oowh6twGF9pKLcRDEbFUq:Mv76NV4tDfZDEpUq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f592aefc2207eb8f1f5ecfe79daa991_JaffaCakes118

Files

2f592aefc2207eb8f1f5ecfe79daa991_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b13545902a33a4fce97c4e9afd63445d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

ord696

Sections

pec1
Size: 95KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 956B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE