35d0674422cecbef3f4d61e48b4e1cb1_JaffaCakes118 | Triage

Sharing

General

Target

35d0674422cecbef3f4d61e48b4e1cb1_JaffaCakes118
Size

107KB
MD5

35d0674422cecbef3f4d61e48b4e1cb1
SHA1

de5212a2d3234925b95207ce32a54b8553748794
SHA256

633828c4728b1ff7063fdb2d442e46e822358afeafe474859cb6d2f4a34b6999
SHA512

9ffe31cd29ee8e9b60f1b877e6f5517588931baf079c6ce7be80618c7ced10d0f5a92edd516a3e49a5771d0b157e3392863de92c27cdbe57d231c60351b45143
SSDEEP

3072:z/WhcnSLr7XtpBuE7E6JKXk6XtAaxW4vl5Ly:0cnSLrTzBkoUjz9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d0674422cecbef3f4d61e48b4e1cb1_JaffaCakes118

Files

35d0674422cecbef3f4d61e48b4e1cb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.nsp0
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XComp
Size: 960B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE