756d916c3ef82863112dbc686d981d66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

756d916c3ef82863112dbc686d981d66_JaffaCakes118
Size

2.1MB
MD5

756d916c3ef82863112dbc686d981d66
SHA1

c94763e011dc60ded75042d69e9874cb24423771
SHA256

3cb8d1cb600b54ebffb4bd34b1544d786ed4057c3bebcafe65243c0d303c3c26
SHA512

e37224d642a55f0ab26a709b5553e3abdb5364570036ad781fddaf1de7594e0e59dc2a95b432c8df2137856eceb36d3208309c837c218b6d097eec26c1525e23
SSDEEP

49152:Y/Dgf3D/xyemc3kTe1tYcJ/3sX/Re5w/HyhYCCraGx:YbgrJyemc3l1icJfsX/Rr/Ysl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
756d916c3ef82863112dbc686d981d66_JaffaCakes118

Files

756d916c3ef82863112dbc686d981d66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 89KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE