44aad5d19b800a6b465bed3e67c42149_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44aad5d19b800a6b465bed3e67c42149_JaffaCakes118
Size

64KB
MD5

44aad5d19b800a6b465bed3e67c42149
SHA1

a47ae6c25d2b86b38ba51c9cfb8979d7e088ac68
SHA256

2a711ca266283b60cfa639d270b6a09b80ff869629c6535011973e31f06bf6d7
SHA512

47e2bd5160a7bab7342ac181833a9285d052f8a65daeca2bc8acda1bde5e925321198342bb0a83c4588e8c93e9457d377fc5d542845f8d0cf296bcf4e9336ca2
SSDEEP

768:9g20jlMxw8RxWsJ0XGiToxvNzSrdnUfhUcnkVEbP3TXColBRkQ7lKa9siS+ld:9a+xdRGwh8Mbk8P3TH37ka21+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44aad5d19b800a6b465bed3e67c42149_JaffaCakes118

Files

44aad5d19b800a6b465bed3e67c42149_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 44KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE