b3b6dc79696735bca34f9e3a515682f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b6dc79696735bca34f9e3a515682f0_JaffaCakes118
Size

17KB
MD5

b3b6dc79696735bca34f9e3a515682f0
SHA1

cd5a653f256b7c4c45bfcd47b616d05f83f0536a
SHA256

e585941307566316191a1d8efbc40fa54a58bd95842bea552c160a8fca5b8f64
SHA512

92a4f9d2dfd7046e94883d159378d743ca591bc8f3a57d3072f97822419a0fbce04e6911b5b0457bf14677d900a589bdbdb398c0c3583033dc667f8482ba2ce3
SSDEEP

192:exYmvdxGEgDO0pMpOsgL1nX9hnuDULBxPyipuDzEOmlAX4Hnq3EdKmiCnyfUlJYR:R6/GEgfpMpeXPn9XRpCzEBtHnq33CyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b6dc79696735bca34f9e3a515682f0_JaffaCakes118

Files

b3b6dc79696735bca34f9e3a515682f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62631f821feda85cda45f6f8df3dd536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ord63
ConvertThreadToFiber
GetModuleHandleA
GetProcAddress
LoadLibraryA

Sections

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LOLaTOEE
Size: 9KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE