8b2134ac6a25a1db91ee0e1def830fe9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b2134ac6a25a1db91ee0e1def830fe9_JaffaCakes118
Size

904KB
MD5

8b2134ac6a25a1db91ee0e1def830fe9
SHA1

43e2881be2594b1e64f8fc89e789f444b7af3493
SHA256

462fc56e1739f3712c966a9571a8437aa1a4031c004154456bf02b973d408f5e
SHA512

57cd0dc68b2157ae97396646719cbfa1cf83e879107098689697d71f2a6508658a8c19d835d1b6ead974fed5d08c6d0182c1c20ca2cb4cdfb1a34ebcb60cd85f
SSDEEP

24576:eB2exyPuGCccOWWLh7orCpeAD1rQFFSu0s09v0h:MHxyPuGBRWeoepRD1rQFFJb0BC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2134ac6a25a1db91ee0e1def830fe9_JaffaCakes118

Files

8b2134ac6a25a1db91ee0e1def830fe9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdb001dd17379dd4ff362cfb9c51f3c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm50

ord582

Sections

pec1
Size: 102KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE