a58dd356c9dab466a811d346dba02a48_JaffaCakes118 | Triage

Sharing

General

Target

a58dd356c9dab466a811d346dba02a48_JaffaCakes118
Size

50KB
MD5

a58dd356c9dab466a811d346dba02a48
SHA1

943f59b1dec0495a9770d65dfb8d268e7523255e
SHA256

d16aa72cdfed08cb5479d1d47dc56f5ea02cf748308c08e7c681a945e24e36e5
SHA512

183aa3a764ba90d30db244d7784531e7ca1d337a05ebae896c7314dee4cf83ad53275d1fbc067ab7a22eee5972083388e3fcbdbb5414fe0a2cda54af71d79e51
SSDEEP

768:/FAyLBZVZpHG2v4nQTzidnOlRVUSMKAjFtCvZxxmKX1rtyMw5uE+Hd75o2+zt7hB:thVZpsnQ1DUvKnxrXIaHdmTt9IoQy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a58dd356c9dab466a811d346dba02a48_JaffaCakes118

Files

a58dd356c9dab466a811d346dba02a48_JaffaCakes118
.exe windows:5 windows x64 arch:x64

afde06f70eb61e4b61005e737ab36fb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
GetTickCount
LoadLibraryW

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TEXT0
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ