d98825a12e37bd0ae3334cf3780b9f59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d98825a12e37bd0ae3334cf3780b9f59_JaffaCakes118
Size

350KB
MD5

d98825a12e37bd0ae3334cf3780b9f59
SHA1

677ddfa925727c898beab908b431cc1e7f3dc54a
SHA256

59c6374ad165f233bc7ed43ae665dcd6b40dd75fbf1f84dfcbe26d6b51287ead
SHA512

8579639fbfd12be4ef5f4858c2e480d965cd4efda88d39836b4219496d8e07ccbb71d126dc9cac7265a4adbae1d62cb7b91c03750299f401ba112a0326e1a9de
SSDEEP

6144:WUJ76010U+Rv+m68DNk7h6j5rDPhfuYB+O4+W2BENEygdWCxqVxS66m:LdyU+Rv+mTDmfO4gzygdWAqVxSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d98825a12e37bd0ae3334cf3780b9f59_JaffaCakes118

Files

d98825a12e37bd0ae3334cf3780b9f59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

CODE
Size: 322KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ceny
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cong
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE