1bbdd380f36690bddd3b7358bc14faf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bbdd380f36690bddd3b7358bc14faf9_JaffaCakes118
Size

211KB
MD5

1bbdd380f36690bddd3b7358bc14faf9
SHA1

e31242890bfae667ed640ce8c203e2b32a5b7b8b
SHA256

8f8c5a3177c3faeb74ced00a0fbf5966442844865f4018f3cd66047b599a4e9f
SHA512

d59e6461a796188a5627e2f1760d5a8729f4e6e22e88ef719fc441df22fc7899f7d49f1afdbb429aa127eaa79303735de764368ae2457f672657f8fd984c2e85
SSDEEP

3072:9k2+LfWgO0xdH4Cjv+tcgBO3jKjOMFwEQIN3C9ISE0qJiNlUdpnl4:G2ngLdH4CHjKjOMFwEQISzqJBpnl4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bbdd380f36690bddd3b7358bc14faf9_JaffaCakes118

Files

1bbdd380f36690bddd3b7358bc14faf9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 86KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE