8941f6579073c5cef5c1e67b6d1b4c8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8941f6579073c5cef5c1e67b6d1b4c8c_JaffaCakes118
Size

227KB
MD5

8941f6579073c5cef5c1e67b6d1b4c8c
SHA1

2f6dfbc0490a910c816f6c05944cab7e9488ffec
SHA256

04e46ecb8abb606fddadb5e698e942e3bb086642e815db0230120c015a7128c7
SHA512

6359954c67a42ed2b0ff6f099ddc9f2c0cb82e7aac3c583c1a96dde38687e3644c70b8d99ae2b246f6503caf96488edf0467b9842049e6bcdb4cfda79ae182f7
SSDEEP

6144:U4lwZ40243s0gJvyTZaPYZeHF/tIzi+Tk98i9goc8VRtlYJt:7n0d8PJvyQYZelVIziveo/RtEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8941f6579073c5cef5c1e67b6d1b4c8c_JaffaCakes118

Files

8941f6579073c5cef5c1e67b6d1b4c8c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ffc31bccd11f7f873be952d93bdc291

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegOpenKeyExW

oleaut32

SysAllocStringLen

mscoree

CorBindToRuntimeEx

Sections

.text
Size: 214KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE