88c7f62a0c36f93c8a2a89744e4bcd0a_JaffaCakes118 | Triage

Sharing

General

Target

88c7f62a0c36f93c8a2a89744e4bcd0a_JaffaCakes118
Size

118KB
MD5

88c7f62a0c36f93c8a2a89744e4bcd0a
SHA1

e075cef27a5678b31763e19258576b41b079ff9c
SHA256

ecea16921633ef06e2268788055af5843d02a86a0592137996cff8122d684be5
SHA512

db7c40bfc4989da8811150338ccba108c7b5ad10ab5dadea81ca38d74e55cacd2986077c0000a8b3b5092fc1d9007c5e5428029c03529422d4c368218143f89c
SSDEEP

3072:Hjs/Gb+l/XJSv93Hili9cPWmvMExaLM7PaEtvM8E:Ds+SBSv934ieOmv7S0PrtvMz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88c7f62a0c36f93c8a2a89744e4bcd0a_JaffaCakes118

Files

88c7f62a0c36f93c8a2a89744e4bcd0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd7759ebaa002c72e2b38175afa4e123

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtectEx
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

PostThreadMessageA
IsChild

Exports

Exports

Admajldq

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA2
Size: 3KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsec2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ