3835231651d90584cff3aa0d5dec56f4_JaffaCakes118 | Triage

Sharing

General

Target

3835231651d90584cff3aa0d5dec56f4_JaffaCakes118
Size

2.4MB
MD5

3835231651d90584cff3aa0d5dec56f4
SHA1

a6854679bfb403c2b31e9bfe1259b1f8cc9e5055
SHA256

3e80bbe550958c08d845d1099d5afc73d9a3f54fc6b41594fda399b818f932c7
SHA512

7fc2eb18af18a0da848b3a19c348c7a4ba20bbc84caa38bba5062dc941e2f1b065f8be3ccc9b6cf8f49a123f48ce5ace67f37a24a8a90adc8b53bbc07ad9f1d8
SSDEEP

49152:QG9i7pEH4r3hPLMMn2EW9dC3yLL6wEByMABr:QhiH45eqyv5ET8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3835231651d90584cff3aa0d5dec56f4_JaffaCakes118

Files

3835231651d90584cff3aa0d5dec56f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

.text
Size: 2.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE