6348e489d8d35ea5ff382850286a965c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6348e489d8d35ea5ff382850286a965c_JaffaCakes118
Size

56KB
MD5

6348e489d8d35ea5ff382850286a965c
SHA1

c0b56bc0f459e4b0a816dc63729833f6e8f7c4c0
SHA256

692ad07fc15d1b0a7ad3e005a6c11f64f6f74a3f7690fd365abaa0da7739b87e
SHA512

1d97b00876a0f3b3e246ae812c08f58084c3a7ba1fc55910249078f7655e932350f49c82c45537fdf21ec5ae73c1e44585f6964c927ffba9f62bea8e1ddcb66a
SSDEEP

768:/GCV6O58awRoAvZDV49ieUXgn4SSciyS1gPZ4DLPLJKLiq+lz:JV/lfI1KYefnscpS1gPZ4DLDJKLV+p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6348e489d8d35ea5ff382850286a965c_JaffaCakes118

Files

6348e489d8d35ea5ff382850286a965c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 36KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE