89b88b71009cf62c2a4ed1a71295852d_JaffaCakes118 | Triage

Sharing

General

Target

89b88b71009cf62c2a4ed1a71295852d_JaffaCakes118
Size

340KB
MD5

89b88b71009cf62c2a4ed1a71295852d
SHA1

77ad0861205647637faffd2d4a61626f87e05763
SHA256

581490a74dcb2add624f9e4092e9cfce6dbade4127f14cb2f7b2736aa9b41c4d
SHA512

b99a7d5cd4d68c21e08e8520b34bd1b6a8adb2cc2d62972229361d5c9e9dbc0cf92463cb627e6f4dd53a7de285ab18be4e304b10981c2e9462d0a65030f7e658
SSDEEP

6144:/Se+E6yFxOR83At5uOtR/FQ7OX19i0zfDUKnRVndmfHw:/Se+yxOq324Ora7i1ZLUKnR/uQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b88b71009cf62c2a4ed1a71295852d_JaffaCakes118

Files

89b88b71009cf62c2a4ed1a71295852d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 329KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE