644fbfe8ef83769f2b1918a33c3d2337_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

644fbfe8ef83769f2b1918a33c3d2337_JaffaCakes118
Size

133KB
MD5

644fbfe8ef83769f2b1918a33c3d2337
SHA1

327a81ca8922000aca3d35dc200308f52c9b3d20
SHA256

bd83d43e96e364a39b998a61e24fd7d6ac6ef96d4ef590d1758b65660e62a0ef
SHA512

bfdd3a245ca5b42dc1eb70544e7ecff2a621b052efb6c4fd70f7843955dcb3df12567356f199d6ed8fe3fd293ef935cacbf1b041768f7fc2c3c3fe0505c230d5
SSDEEP

3072:lPUaDRLSsH+X9+RAW5UJLLIXXsUJLLIXXQkzGpF:hJOsEWD6JiXJigfn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
644fbfe8ef83769f2b1918a33c3d2337_JaffaCakes118

Files

644fbfe8ef83769f2b1918a33c3d2337_JaffaCakes118
.exe windows:5 windows x86 arch:x86

58fdacc3941f1215980b9e13aa0f175a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetProcAddress
GetModuleHandleA
GetModuleHandleW
LockResource
LoadResource
FindResourceA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ