c1af37af50d7ba48600a0c2275fed4a0_JaffaCakes118 | Triage

Sharing

General

Target

c1af37af50d7ba48600a0c2275fed4a0_JaffaCakes118
Size

64KB
MD5

c1af37af50d7ba48600a0c2275fed4a0
SHA1

05793f165796956d3c1b3be9bd6838200fb86696
SHA256

1b73c92ec2c5d7f750b9981c71b431f07f59f442a1af88849068ad6da1c99ea2
SHA512

766e1140e201961e5819b793bb8248baf0845f9dc6b8eecc0413f54d29e1cd9f06c5e21f63dba4fc4ade4c3663b0873dfb9aadea995283002a03d65974cec5ff
SSDEEP

1536:OZWKJJMguNNdxzHni3gkkJIv7R9wg0a2h+b:OZWKJKVNdxDrkAIN9wRaz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1af37af50d7ba48600a0c2275fed4a0_JaffaCakes118

Files

c1af37af50d7ba48600a0c2275fed4a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 44KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE