9ac5fcd7b2198d0f63d3e61a0980326e_JaffaCakes118 | Triage

Sharing

General

Target

9ac5fcd7b2198d0f63d3e61a0980326e_JaffaCakes118
Size

227KB
MD5

9ac5fcd7b2198d0f63d3e61a0980326e
SHA1

1155cbb4bf07d60085b5bcece00d7292a35f2dd9
SHA256

2007d10cb70f1d3c6924f6d64fc296320ca95b146cdcf5968b1217a28af82958
SHA512

0bd255e20cac15ff33abdf88880d2c9db9daca869c095ba128528c35b0699a9b59dec35d1f4605d00fcd6b0a9359ed3cff5c4fbe403299440b2b18011d4c71e1
SSDEEP

6144:U4lwZ40243s0gJvyTZaPYZeHF/tIzi+Tk98i9goc8VRtDkYX:7n0d8PJvyQYZelVIziveo/RtL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ac5fcd7b2198d0f63d3e61a0980326e_JaffaCakes118

Files

9ac5fcd7b2198d0f63d3e61a0980326e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ffc31bccd11f7f873be952d93bdc291

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegOpenKeyExW

oleaut32

SysAllocStringLen

mscoree

CorBindToRuntimeEx

Sections

.text
Size: 214KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE