Static task
static1
Behavioral task
behavioral1
Sample
75ab2867719a0cf0bab0e55fd923abd5_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
75ab2867719a0cf0bab0e55fd923abd5_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
75ab2867719a0cf0bab0e55fd923abd5_JaffaCakes118
Size
22KB
MD5
75ab2867719a0cf0bab0e55fd923abd5
SHA1
e1fef2eb2742b051b2d09dc90e7b363bd90026d0
SHA256
8ff85c4df67731360db319b5c1f92e097cbe885c989d5235c9db0653a23a4d96
SHA512
17583e351ba317a6b51bdc7265004b4fbcf1dc78191197e37a01411304566a3b7b701495c21189bb228585e2ad6d5930b580b858420606665c2a0fc2d26e2421
SSDEEP
384:+a0hmHoOOBDOpbo0EICjw7eLDe0FCSdlmQx4GPsXDLcc6ce+AXdO4NFgB+GBMjQG:4MIOXGe7eLfFz3mQx4FvGce+AXdOGSNU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 75ab2867719a0cf0bab0e55fd923abd5_JaffaCakes118
Files
75ab2867719a0cf0bab0e55fd923abd5_JaffaCakes118.exe windows:5 windows x86 arch:x86
4582ffdd7eb98cb63a937096204182b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
LoadLibraryW
Sections
.text Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 292KB
.idata Size: 624B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.ddata Size: 2KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ