321e3cb28a875d9ac3ac471ee0272a9d_JaffaCakes118 | Triage

Sharing

General

Target

321e3cb28a875d9ac3ac471ee0272a9d_JaffaCakes118
Size

51KB
MD5

321e3cb28a875d9ac3ac471ee0272a9d
SHA1

c5b56e14ed588c91ba7b6f2be87328f4f2add37b
SHA256

98653f9d647109dd2605d34926518d48653962e3188f8c54831a7d7fce4600a7
SHA512

7c79fc547ed1629c271355cb65956fa766d5eacaace14a9f72b7e2f7154c735974e6745bdb041183c119c571928c665c2c22dfab68242c74a87004007afb48a4
SSDEEP

768:43U5FzwvyDQ23bBeJ3XKyjASQ6fsonWq3ILsVKqaxNWZt7IC6Z/MZRygRYIoh:4E5FzwYQs43XKyjnUQt3XEzvJRgR6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
321e3cb28a875d9ac3ac471ee0272a9d_JaffaCakes118

Files

321e3cb28a875d9ac3ac471ee0272a9d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

��oc
Size: 46KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE