61f45da78c90dcb8c0539c2488dcdc3d_JaffaCakes118 | Triage

Sharing

General

Target

61f45da78c90dcb8c0539c2488dcdc3d_JaffaCakes118
Size

296KB
MD5

61f45da78c90dcb8c0539c2488dcdc3d
SHA1

d6d816a21dcd1caca15b20c791cf8eb858817734
SHA256

e6a9c7dcadfb46d7ffad01ea7debce6b0f7e20f822d1fb542e21249863adf4a1
SHA512

9e6931b2cd7a77b36ed9961ff7645b732c13ea03ab0dd820822c5e7c33674e9f23a899e96e40c2fe2b8deb444f5df0c46981b8bbbbcd1800f5da213aa0b53a88
SSDEEP

6144:mMQLRe8grOdVjvbtqtkr7rYrd5+JCU1EtDm4ipb0orpu:mMQLRuOdVLRx4oCU0mjpZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61f45da78c90dcb8c0539c2488dcdc3d_JaffaCakes118

Files

61f45da78c90dcb8c0539c2488dcdc3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c35ed123bf7fb5532653325910c7a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree

Sections

CODE
Size: 279KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.llydd
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE