8844eb65f24fa52fab174bc57b647ed2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8844eb65f24fa52fab174bc57b647ed2_JaffaCakes118
Size

650KB
MD5

8844eb65f24fa52fab174bc57b647ed2
SHA1

afe6c47c2caf297f7ed66b220c31464ae2a9b162
SHA256

5f06ea4c1f66ff80763ff1c16bb61cc32a25377cb6c7625afdc248ce2b2b3a22
SHA512

ab5d4e87e5b16bb40c40df2cd174aed06a60e6b58a5523bdc8fa90d8e8de1db8781de5921cb0f538fda22b098fa38085bc3d68c8b4a40e03bab1ee38df02a838
SSDEEP

12288:G/el+sJzHZ3QDE90AhDc1SS8pVFSHt+bspeqTwELKpxbL5N2H53zAl9K:gs5Z3J9Ry6aH8wwqTTLK7btNM5jADK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8844eb65f24fa52fab174bc57b647ed2_JaffaCakes118

Files

8844eb65f24fa52fab174bc57b647ed2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 132KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE