Static task
static1
Behavioral task
behavioral1
Sample
cddf09aba3a66256cb8c9eea6dea5b99_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
cddf09aba3a66256cb8c9eea6dea5b99_JaffaCakes118
-
Size
440KB
-
MD5
cddf09aba3a66256cb8c9eea6dea5b99
-
SHA1
f85bb396a1521dd075bf465f062f653877729ae9
-
SHA256
fcc13d30ccc2a7e20d9bc3eab0fd5d84402964b2c0a45cd25b6e301a853876c1
-
SHA512
f1b77d24169a504db8ad04054e68599ee3cc54d97cd5b9996a600e40e8b215a57e12e89b08516683e413ac27419f6979eca8f3c94c70f80442b1db89b942fe2f
-
SSDEEP
6144:AEZbrEcA0Lc/j/cfkmdUPt4M2B4EVWgVItfrPVto6illsElPuEPCa15dbsc:pvu2km+PtfVgGr06ilp8va1A
Malware Config
Signatures
-
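Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the file listed below has none. A missing signature on its own is a weak indicator, since many legitimate binaries are also unsigned, so weigh it together with the other static findings in this report.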
resource cddf09aba3a66256cb8c9eea6dea5b99_JaffaCakes118
Files
-
cddf09aba3a66256cb8c9eea6dea5b99_JaffaCakes118.exe windows:4 windows x86 arch:x86
a53f732e1bbd70e2b3217e8d53ce6afb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA
Sections
pec1 Size: 379KB - Virtual size: 448KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pec2 Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pec Size: 1KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
yoxuxjf Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE