71adbe9e6ef3852130c23de45e3991c7_JaffaCakes118 | Triage

Sharing

General

Target

71adbe9e6ef3852130c23de45e3991c7_JaffaCakes118
Size

115KB
MD5

71adbe9e6ef3852130c23de45e3991c7
SHA1

c26626933e09bd7b20431a07315a47fc1d5baaeb
SHA256

52b534a0d448ce760205ff27755f40bde99d5c5d06c945575c23338ee2a2f257
SHA512

b689c6eb7888e18b1fc5cbd11c18338fb602dae9c448e4a10a46183f2a2b2eec3b021caf762492f0a00e001e82698663adf7b5444e98f8d69316a4e8961dd0b6
SSDEEP

3072:2/WSXeqlB/V8XWkMmcIU8PybrRnjgxQhHZleG1Q52:qOqlBuWkM5f8PybBjgxS3eGe52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71adbe9e6ef3852130c23de45e3991c7_JaffaCakes118

Files

71adbe9e6ef3852130c23de45e3991c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8111320f794d9e62a7ffe5d84bed59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc

Sections

hmimys
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmimys
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE