856f9006ae6d2910f3bce6076b678d69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

856f9006ae6d2910f3bce6076b678d69_JaffaCakes118
Size

94KB
MD5

856f9006ae6d2910f3bce6076b678d69
SHA1

110008f044a17e223d3dc4ecd90502ddd2e0a152
SHA256

0fd92916e790e6c59e4a2847b851cff9ada7d7b66c015b09d1e02cf5db9858f9
SHA512

941c050710c661df885b03ae807d06697bd0a5c4ad128351b7078c24d49bba3b973ea58e14ef336078c8aa48b0a3f480b637328a01e587cc42cca949e5c32c87
SSDEEP

1536:dAGiGFTaZi9O1cML7o8oGL1LGE2R2EWe8aqvm0Loi4lJnh3snqHO0CsNdyukfP:+GiGZSi9O/Ls8oG0FsEWZG0Mi+heRsNi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
856f9006ae6d2910f3bce6076b678d69_JaffaCakes118

Files

856f9006ae6d2910f3bce6076b678d69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

faf19057d69eb1113406c65390d3f12e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ