4681826d0bfd52debb3739e6428a2c6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4681826d0bfd52debb3739e6428a2c6f_JaffaCakes118
Size

53KB
MD5

4681826d0bfd52debb3739e6428a2c6f
SHA1

16547ab043c77b68b09aff9d80a640d97114b21c
SHA256

62100fec7c581a32cce07794b73caa1c8f7206e22fd9001a2c15bc64bfffd40d
SHA512

103a7542a14acab2a34fcf7f8018e143efe71eacc4491c7f979874d0a23727a9070cdbfd43e371bbce0df5056ec81b984172190a863d26a37c31a72b1ef6f8aa
SSDEEP

768:0wSusJflkizHZN/XS8yxxD+hAckJ1jv/R7a55vGFdBN/gmsGUmu1jKvC:oJWE3C8yfD2AckJx39aje/gm+mu1kC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4681826d0bfd52debb3739e6428a2c6f_JaffaCakes118

Files

4681826d0bfd52debb3739e6428a2c6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 38KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE