629c0ccc39ef6841c60f6f2a9052b271_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

629c0ccc39ef6841c60f6f2a9052b271_JaffaCakes118
Size

5KB
MD5

629c0ccc39ef6841c60f6f2a9052b271
SHA1

4b08387ae1248468563523d1fe9950484312012a
SHA256

385b697bf5cc7a42a7202a71b99448866dee79ee7987ea37f7ce9b752c7d7017
SHA512

a3403085f89981a82f3bbbc7e1ff34fbf73367e9615d48834f48fc16fb5199129f40a20d652fcd8e8b4b2a3c396f4e6c4f23f1dc57e5c1fb041dd88cc50c65ce
SSDEEP

48:y8O0MHJxM1ZLGvhPsy1WGMAQEFpByb8d6ZVj5CXJVrL2gBriwWPmP:HMgZ2hPahATPb1bbrMPm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
629c0ccc39ef6841c60f6f2a9052b271_JaffaCakes118

Files

629c0ccc39ef6841c60f6f2a9052b271_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a70ce324404a3d4c53a6dbe55be78e9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetAsyncKeyState

kernel32

VirtualProtect
Beep
CreateThread
DisableThreadLibraryCalls
Sleep

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ