1a5bca2708d335852971d3259b0d36b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a5bca2708d335852971d3259b0d36b9_JaffaCakes118
Size

45KB
MD5

1a5bca2708d335852971d3259b0d36b9
SHA1

00f98b154c930978ea887beab04a8b64ad7eac80
SHA256

cd1aba65076257f67df10dfa18e229afe543e79aa147ba0736128b979dece888
SHA512

c69bc1baf2a68cfbf1cb668a06a336bda784a4f8b03d0560876b4f1de41afa8109cba08d69ab1deedce7ff3eba1020a8a70801a5fed8461dab3864a0be2dd66e
SSDEEP

768:1hXsWnz5bu8Zhj71vCzSBmLJXR002jt5Y029tzePAvTHkLFv+QOy:znYCtB0BGh29tzeovwx+e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a5bca2708d335852971d3259b0d36b9_JaffaCakes118

Files

1a5bca2708d335852971d3259b0d36b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 35KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE