301ae935f1af5bc0a037b24e668a737c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

301ae935f1af5bc0a037b24e668a737c_JaffaCakes118
Size

332KB
MD5

301ae935f1af5bc0a037b24e668a737c
SHA1

bfcb26d22fc9d64c5508f44d8702a477a5bee25b
SHA256

83d8b7044d7b992f3e2d060a9da51fe7c324b4a037d656734d1258b9de2c1960
SHA512

dc7fe43a99ec95081384a5412ea37e166f0fa3f0a7abb422c702cda7ab85bdd13df2a7c12d1fdace9ba242651266986ebd037c7ea832dc750edb8b34475b9581
SSDEEP

6144:rKpMxzzLdSouWrtsLRUT7f6P2Td7OQDIwNk3yoFsyB7guHLTiLuQ:zxzAouWuRtAwQEw9+syNguHLO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
301ae935f1af5bc0a037b24e668a737c_JaffaCakes118

Files

301ae935f1af5bc0a037b24e668a737c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

CODE
Size: 298KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaohui
Size: 20B - Virtual size: 20B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ