30fff75f92c85ec61b9a376850364e55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30fff75f92c85ec61b9a376850364e55_JaffaCakes118
Size

512KB
MD5

30fff75f92c85ec61b9a376850364e55
SHA1

6404e953da7aec3dfcc71c7743519b896eddc274
SHA256

d8115e2d8c8d06d902353776e16a665d7712c5772c7d71cf0adbd3fb207b1849
SHA512

46fba6410335f55e138f8a2866b9731f5382bc9d3cee8898bb15884291f8752c6f834ef88f26226863d5b091d90057b76d641d91d9fa6c1abaec2c7baeb913ad
SSDEEP

6144:uNBEpDFRDqMMITyjMofkT3P5D2uK5KD2IZc0:unOhRDqZeUMofkDhD5mSc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30fff75f92c85ec61b9a376850364e55_JaffaCakes118

Files

30fff75f92c85ec61b9a376850364e55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lhf2qhqr
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zyps7cgu
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sfxocsfv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ