680c980776f369758807eb036bd16550_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

680c980776f369758807eb036bd16550_JaffaCakes118
Size

55KB
MD5

680c980776f369758807eb036bd16550
SHA1

1e698a0c72d1f2c5f160fc73ac87db3f4b4acecd
SHA256

94b6315aa771b2b53ea74c26cb601a959d5744d77ee9d92441067cd41b78be6b
SHA512

37a430359f372b4eb7e7ab88c273b5550e8dad33aece9d7c5c34003a9fa6ccf1dc88be82fffa658abf572ff5b1880a27da981335bd1886d6b0a36839cf8a1ad0
SSDEEP

768:jbhXsWnz5bu8Zhj71vCzSBmLJXR002jt5Y029tzePAvTHkLFv+QOKit+ly:VnYCtB0BGh29tzeovwx+O++Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
680c980776f369758807eb036bd16550_JaffaCakes118

Files

680c980776f369758807eb036bd16550_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 35KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE