95e26ab10b120c8a418e73c0a139a615_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95e26ab10b120c8a418e73c0a139a615_JaffaCakes118
Size

29.3MB
MD5

95e26ab10b120c8a418e73c0a139a615
SHA1

d5b5c200f3ee219689c2034da103d15c838ac854
SHA256

2786aa28e6bfefdc1fe1bc3805842e7e587813bf5243846d3e65e50ff0e0e16b
SHA512

576c667bbe4b3a7612c1bf5f1cf7c8ab16e4e696ffa9b62f10af5130e7f4a694d68f80bdd5c7afa32680730d9df8e73f827f32676e10a29f5826bbd07c5761d6
SSDEEP

768:Nyijk2ncrz10flEFtnqbb/6FjEaC8Ve5o5:42coWn0i9Eh5o5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95e26ab10b120c8a418e73c0a139a615_JaffaCakes118

Files

95e26ab10b120c8a418e73c0a139a615_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 34KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE