5a84b8f87861d8cf2f611562caa1a0a7_JaffaCakes118 | Triage

Sharing

General

Target

5a84b8f87861d8cf2f611562caa1a0a7_JaffaCakes118
Size

179KB
MD5

5a84b8f87861d8cf2f611562caa1a0a7
SHA1

63e98d7d5a0558bcaabde6efae28f051056c800b
SHA256

0e756b3d0057f2f5203223b78f660fa68e5b3d6d1e7ca35a2649ab3e2a047809
SHA512

d5edb32c8b262cfdd9b99483d009cd9ba847ce3d4c77a76dd7911590e9245d461172950708ad589d65d91ba250b3073691af1928833c87b421d40f4297800965
SSDEEP

3072:DUk0HvVcbvFyV1gn+m0p7LU+/0As7iuGXXOcXfKbbO9JHnpSn7r21aNiBXhmzUB/:Dtq1OwpE0ts7iuViJjHnpYrmh5RVN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a84b8f87861d8cf2f611562caa1a0a7_JaffaCakes118

Files

5a84b8f87861d8cf2f611562caa1a0a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE