2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118 | Triage

Sharing

General

Target

2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118
Size

451KB
MD5

2d67639eaa3e6e19d26ff2f39d67dd20
SHA1

1424d302cc31eb1911e16e2ae23b8b2c4bf1da9e
SHA256

9ba77bb7aa0466acbdbd19a1f7695e17ca642f059ed1197403641a7b98dcae96
SHA512

65deb6b7f8d09e5962d0bdd9f27cd4b9da5f3c2b1dd0a48f87f27cae751f585987f2c100d6cdf7248e0068dd6a63c4a202a270ec0052c8d2a26e50f0c2612fcd
SSDEEP

6144:J8hPTzqmesnHJ9a6JwSq0ZSgkFsfqQ0p5cm7a4PqGfUvc0tnWgyWkqc:J8lzl9q6/S5F7DXbdUU0AHWkqc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118

Files

2d67639eaa3e6e19d26ff2f39d67dd20_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2205f073b634c1497f1fc3e78c7e99fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

Beep
HeapAlloc
GetProcessHeap
HeapFree
GetTempPathW

msvcrt

memcpy
memcmp
memset

Exports

Exports

axztm

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 623B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ