6335f5425716dffc40bc573450301855_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6335f5425716dffc40bc573450301855_JaffaCakes118
Size

16KB
MD5

6335f5425716dffc40bc573450301855
SHA1

149a6397b02bd03cb0a0b1705a38a2fcd4609faa
SHA256

3ad08c6f1783dfb9ec5351ced108db781a064d10839f63137cb9f994010934fc
SHA512

6c6d344e09382ddde5a05df0c76734be1bac55f1caa8cdf7095232641d857e4985c9ad64d7fd0e90d71815f73022010a8163da4e438d0fc00c281c2571340187
SSDEEP

384:TmQxOkEp3THMu65dpuL10fQRKpIZybOcRX0V5JY3JU:XBEpTUM0fQkpI0bOcRX0/JY3JU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6335f5425716dffc40bc573450301855_JaffaCakes118

Files

6335f5425716dffc40bc573450301855_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee2d12bbbdf791f23d294ce53d20408c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

CharLowerA

advapi32

RegOpenKeyExA

Sections

.text
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.djk
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE