bfa26e11a117155b74b9f5de084275b1_JaffaCakes118 | Triage

Sharing

General

Target

bfa26e11a117155b74b9f5de084275b1_JaffaCakes118
Size

158KB
MD5

bfa26e11a117155b74b9f5de084275b1
SHA1

1599e12fa2e8cd90f24e8ef676be8acbf77a2e84
SHA256

94d7019f5f88231dc1e359d7251721679853670f5f0bdceb2536b2eb52ab3c61
SHA512

49934d5440daf29daf1437c07c0fba0f38b740d825142fc57b1debb3bd8e2d93cddca4eeee7ccfdca1813ce7acc4dacfbdaf0c123446b8a9c3f323d73158d1fb
SSDEEP

3072:vs/qNCseOMAwMC/i4S27qy56G5B62HV6QbrEGKmWTTDCsNvGB:vs/qLCM8dbzVYQn39WXNc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa26e11a117155b74b9f5de084275b1_JaffaCakes118

Files

bfa26e11a117155b74b9f5de084275b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

0
Size: - Virtual size: 400KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 151KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE