6ee4235653ae6119043d3d237f106c24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ee4235653ae6119043d3d237f106c24_JaffaCakes118
Size

36KB
MD5

6ee4235653ae6119043d3d237f106c24
SHA1

ae386ce984866c0caf3850a2a2cad66544c1f780
SHA256

ee69b6a798f6f72da983e07d932ba457eb9fd246ed0ea9fb3dfd001510ba998a
SHA512

cbe67acde945ca0c785bce875267537ba24284ebaed405c50431f3dbea1868386bb89169ae87b4ca04bac12271ba7115d8db3384fa79d1f313d3f6253bf00738
SSDEEP

768:2M+doSN12TzfqgczTZitD7ILh1vTTmPU1bjvij:2M+N12HygmEyDvTTmYk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ee4235653ae6119043d3d237f106c24_JaffaCakes118

Files

6ee4235653ae6119043d3d237f106c24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6312ac49442665c75080266decd1c9e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

ws2_32

WSASocketA

Sections

pec1
Size: 23KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE