ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118
Size

65KB
MD5

ae82368a2a2a029b1f0b62ef5aa9755d
SHA1

3cf29c25e9aceccb8d222d5d4e9bbd6d19c2e6c1
SHA256

4ae1f6a88e4a79631fc7b17dee34fd71d170ec3b9b25f171a2128f04c6a78e38
SHA512

75a45d502d9e30d4121755b30ce6a0ab9f5b4090e65e37ebe42e491244dfa2f224622c6e9ce2a4839c7e075c732fc01606be81e233872ae35762f20d4d346121
SSDEEP

1536:OstKHAjD5VAY8WZhts2RZN/6zZDs62kcH7Jg:OsKHAjDWCt3RPSzRsfkcH7C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118

Files

ae82368a2a2a029b1f0b62ef5aa9755d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d0da584648aa3f010e48fcbadcc9991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetProcAddress
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc

advapi32

QueryServiceConfigA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ