135470914ad0c8f60abe203703362540_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

135470914ad0c8f60abe203703362540_JaffaCakes118
Size

104KB
MD5

135470914ad0c8f60abe203703362540
SHA1

52228da7ec7a17e9131a80fe2862b3205bd1dc00
SHA256

d7b6a21a057f5fb7bcf68f49987793bea794875dd53f181586e795adeefc0f16
SHA512

3337bbc0d7d755cb9d8b85e0ebcb751ab8284e9e94fb217bb067c5cdaa572c2c26f6b9f2a4ad7ec8ea605405d1cd95f2effc63deda5f7b3b1c1a672417e60c01
SSDEEP

3072:WYepp9QL9Eir9bX96Mqvg3AxecebRrkx:WY+WEirFNigdbRw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
135470914ad0c8f60abe203703362540_JaffaCakes118

Files

135470914ad0c8f60abe203703362540_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dcc5764118c0e179261ccc6d96ade48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
GetModuleHandleA
VirtualProtect

Exports

Exports

DllCanUnloadNow
DllGetClassObject
a
s

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE