aa2861f81e1a03532c1bc53443cb6ea2_JaffaCakes118 | Triage

Sharing

General

Target

aa2861f81e1a03532c1bc53443cb6ea2_JaffaCakes118
Size

44KB
MD5

aa2861f81e1a03532c1bc53443cb6ea2
SHA1

295cab28ae64897d65482be63b917d6608072ab5
SHA256

748d6cf6b6afd3c3774228d453f9b46a9f365298ba0e4cd9f4bc00560da2ba1c
SHA512

f90bf90c6b009f759351c5320074bbcb26c872d1f00fde54a52fcfe1ce3762a11f55ee3722e4c470bd0ddf3adb2b9e0bd4b16c018e8bc6236aa95eaded95d49e
SSDEEP

768:xfe12yw6uKzJ6nKBVOaS2VqL1JBrCl47e+XVTB7a:Y12yw6uKzJ6nKBwaSyqL1J5i47e+Xa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2861f81e1a03532c1bc53443cb6ea2_JaffaCakes118

Files

aa2861f81e1a03532c1bc53443cb6ea2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.Text
Size: 10KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rsrc
Size: 29KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE