a613635bd31758b607480d6f470eac96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a613635bd31758b607480d6f470eac96_JaffaCakes118
Size

31KB
MD5

a613635bd31758b607480d6f470eac96
SHA1

efc63818dcb63cf2d1abedf0dff13b5ad8dff43f
SHA256

00b8206f205acfde8653e8a612436bf8192de8da225fc87452ac240d172c527b
SHA512

e2f04c9835efa7ab011639077d2745cd94ea67c82c8c02d83ebf879cb36ac2bccbb2dc77bddeb51f3b044061dc93c72eb4cfa49b0e26e5139cace13a88fd993c
SSDEEP

768:MUH0DtZ9mpV7EZzLfbkFmN0uJzuW+NvfkHa:EXMV7EpDb8mzuF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a613635bd31758b607480d6f470eac96_JaffaCakes118

Files

a613635bd31758b607480d6f470eac96_JaffaCakes118
.exe windows:5 windows x64 arch:x64

1e8531792606893b27c09b77c86a7ac4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
GetProcAddress

Sections

.text
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ