37719855881cffdf2ff4344c3e88fab3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37719855881cffdf2ff4344c3e88fab3_JaffaCakes118
Size

67KB
MD5

37719855881cffdf2ff4344c3e88fab3
SHA1

87b5ff857b719c0abf8325372fad0d0c2f9cc66b
SHA256

b978354bab212154204d532ccf11648eb4f0af785b4c2a6be3baedbc1fa51eda
SHA512

932fecf4bfd761573903d2c09e6772e233ddf68733824ce0861f831c717372a40d3505e096f1eee4b9bba4a0e08bf5ba56fef5892b73e9e7536f74b230ad11ab
SSDEEP

768:CEBt4mR/01IyzJAFdmvNTYeEK176nZZihk1DC+TEAzlOuYlHE2ir+lS:C+4mR/01IpFANTJ1mn/fIAz4HE2A+k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37719855881cffdf2ff4344c3e88fab3_JaffaCakes118

Files

37719855881cffdf2ff4344c3e88fab3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 47KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE