91bb1e6c58bfd6f74e10f8c42d102511_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91bb1e6c58bfd6f74e10f8c42d102511_JaffaCakes118
Size

115KB
MD5

91bb1e6c58bfd6f74e10f8c42d102511
SHA1

25dfbcc4c36d21fd12f35c48d0864266c0195df6
SHA256

77644cc37e18603604cc8c54d689d429bbbdacd7ec147b5d60a3d6f7e3ec4393
SHA512

a5404495df1e0d08a99ba09ff138d75c92bb5cd6fc22f8d484169b8a24be14db258434a240ab13438cda1c11aa2a1a8441ae72a4bafa1e9afcb01f1464fda167
SSDEEP

3072:rgTrM273go6XPCHjvbBdIQTJG01dEac94TLT4JXkexh:rGblbnVljc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91bb1e6c58bfd6f74e10f8c42d102511_JaffaCakes118

Files

91bb1e6c58bfd6f74e10f8c42d102511_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5dac55b737915c55304f63eff92d6f31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
HeapFree
GetProcessHeap
HeapDestroy
HeapCreate
HeapAlloc
Sleep
GetProcAddress
LoadLibraryA
GetModuleHandleA
InterlockedDecrement
InterlockedExchange
HeapReAlloc

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ