62eda8ca1ac0f59b12a8533f7c935169_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62eda8ca1ac0f59b12a8533f7c935169_JaffaCakes118
Size

192KB
MD5

62eda8ca1ac0f59b12a8533f7c935169
SHA1

cdc072911a40e69be167cb056026896d33c2fc76
SHA256

9a8cf16cb06c188d50983bfb7f54bc5062ab28d6701655ae855f86f9845cf00b
SHA512

2f7ee0d6c5ce9c279f31661d32857703e431113461e200aaa8e54362950a4d2521c28f19c44359f65282d0d9319550051a3668c999a48771a39cec69c9f61ee0
SSDEEP

3072:XxFIQzVQMBEWtHHbYDq4qDCcEZ3OPn779jzJtqCWI3snbWRaUJdi4sVN0Yw7Qhah:XL37LHHbF9E8PnNjVtGI3sbWan4EPh45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62eda8ca1ac0f59b12a8533f7c935169_JaffaCakes118

Files

62eda8ca1ac0f59b12a8533f7c935169_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a099e0fcb239ce3d7b340c5789412abb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
SwitchToThisWindow

Exports

Exports

WriteNtwmkfqbj
Veywanrpsga
OpenSkgxhuu

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec2
Size: 1B - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ