d2f5a93809260dc488e836fa4d531c90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2f5a93809260dc488e836fa4d531c90_JaffaCakes118
Size

108KB
MD5

d2f5a93809260dc488e836fa4d531c90
SHA1

85911716241cd36eb9149c9a0797d33b06bcea2c
SHA256

58a2d8bb21971a838b540eff65f76ece368db5c2c76fbb0e47e79c191a4983a8
SHA512

59e88cae56fb258ca9b4684527defef501778557bd95f1a6e7dfdca4f4bc7e9b31d868dc35b083b980b376cc2007688a6666c494b1ec46e7d1c2119f8ca6fd84
SSDEEP

3072:xYXkxDFa4Q2hdVv/XryQYpRAs5xfHAE0AUogYU3:rg4pvN/7lsR9xfHAE0AUHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2f5a93809260dc488e836fa4d531c90_JaffaCakes118

Files

d2f5a93809260dc488e836fa4d531c90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b13545902a33a4fce97c4e9afd63445d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

ord696

Sections

pec1
Size: 102KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE