bd35d2c13dbfe0aea20a468c0503e329_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd35d2c13dbfe0aea20a468c0503e329_JaffaCakes118
Size

53KB
MD5

bd35d2c13dbfe0aea20a468c0503e329
SHA1

a561c335c3a4c3fe2be106a50e3517ec19e3550a
SHA256

03922764a938019793c86e32b64ab4f5824a497c908d35a1568b85edd0f8f3d5
SHA512

8fe38fd3ae1a42db203eb0d64fc2e8e5ff5e8c0c2e760d1562f774c603946b87d72bddedce219718bc10e118ce7b94976bd330dd179fdbf9653da0a9716ae1ab
SSDEEP

768:h/nCgXf20Swm13PojX1iew0bFR/SKfVNb8f4GymlqoKg/elSe71ilywzicPnAnYp:hb+fhJPe1itmF5l8hlcg/u71ilyLcvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd35d2c13dbfe0aea20a468c0503e329_JaffaCakes118

Files

bd35d2c13dbfe0aea20a468c0503e329_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b13545902a33a4fce97c4e9afd63445d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

ord696

Sections

pec1
Size: 47KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE