17c9376f15e8fabb93093090c7373d51_JaffaCakes118 | Triage

Sharing

General

Target

17c9376f15e8fabb93093090c7373d51_JaffaCakes118
Size

15KB
MD5

17c9376f15e8fabb93093090c7373d51
SHA1

cc8263d1068a44867cb244e806115fbe5a85157e
SHA256

8f966abbdae0232750fc6bc15ef89427d614b11723ee98d422a856feff7af042
SHA512

eca7cb986a22624e9cdf050b792493cb4972306315a42f485d574a35e554b9d6b5e5e2210bb64ab7974de84a415234bd55712640dba9f15fd0fca54bed59eade
SSDEEP

384:QUBBgGVs+vyv69AtJ7Ebu+VMx5d7sB3dt:fr/VniLxx5FC3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c9376f15e8fabb93093090c7373d51_JaffaCakes118

Files

17c9376f15e8fabb93093090c7373d51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a0ab55f616b558c50a3292b9114a401

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualProtect
GetProcAddress
LoadLibraryA
VirtualAlloc
Sleep

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.attach
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE