6121670d382b40b5c1b26904814d6802_JaffaCakes118 | Triage

Sharing

General

Target

6121670d382b40b5c1b26904814d6802_JaffaCakes118
Size

3.3MB
MD5

6121670d382b40b5c1b26904814d6802
SHA1

ce528daa1a7cffa0e3e970eee0e4f09434c9ff3a
SHA256

d2c1a5e035f168e58d28ef40b9b68f6605c47f8f8c19a3272b7ca885ba5cc4d5
SHA512

9ba8052644d5a939d9660852aa345a66c3642dd12327777736282f4ff69d238915f1ff00d27f3f21782e8844dfea1c2780af45f0c4f27ae0cd5d089a663134d1
SSDEEP

49152:gWtDIkwnBeCB3MrlKOujeN3cKZowF2o/UgxwNJX4TnJJnvR0UMSeNYY15Gdbm:gWFIkueCmZseWKZzF2ykNS7eFo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6121670d382b40b5c1b26904814d6802_JaffaCakes118

Files

6121670d382b40b5c1b26904814d6802_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ce8605f4572d09027ece14b34fde472

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree

Sections

qbmqopwy
Size: 359KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 19.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdojjszc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtyxdoul
Size: 876KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pryjiowu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE