63144a66c143fd1e805323c14b328904_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63144a66c143fd1e805323c14b328904_JaffaCakes118
Size

102KB
MD5

63144a66c143fd1e805323c14b328904
SHA1

36a2f5f3b60e3077363a40a5faf59cc58cf8f9b4
SHA256

bdae540847427224989cbd7294315dd44667baed7f756f9093444047415cef08
SHA512

04215243051792752a269c0b00bc3ff7c38ef43ea40c1a7331da1d564c325e2cb8725feac67b41a7f5ef20741a10afcc238f7a8f064ce8f8c536a259292f7465
SSDEEP

1536:Y3kBJQ4bOo4R/LOXLZm8NEB1qyhSsn+ClS1vNz98TcG5Qz+2fnFC/YH+ioQMLNJy:HQ4bj4xLOXNmaSjjn+CO584d+bQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63144a66c143fd1e805323c14b328904_JaffaCakes118

Files

63144a66c143fd1e805323c14b328904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 87KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gda
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE