021dd2daed8101b6cfe9d9f1b16a5404_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

021dd2daed8101b6cfe9d9f1b16a5404_JaffaCakes118
Size

196KB
MD5

021dd2daed8101b6cfe9d9f1b16a5404
SHA1

14115d1063b268479a3996f604ee27000394d4a0
SHA256

cf318fbf9e3c9ed501f80aebb98dd5b8eddcf610793603956d397d8204dc61e9
SHA512

d67721f53b444d10a5c114653301bcde42e8253f981d78ad75ed0a06a07a004bdee586c207f5da229fa9804f685d07177a2b7ea9838e2e773162478ff262b6e1
SSDEEP

3072:mwZFBG7Gt5LQpL17tCAZbpQvKgMYbKXonUmeWxgFCg/0a:msFY7c5LuBUKbGw/SxhScw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
021dd2daed8101b6cfe9d9f1b16a5404_JaffaCakes118

Files

021dd2daed8101b6cfe9d9f1b16a5404_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7ca36aefde49259784672acc7d27a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Sections

.rsrc
Size: 3KB - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

coderpub
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lol 0
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lol 1
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE