de56c25f68e2c5bae23e320bc1a144f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de56c25f68e2c5bae23e320bc1a144f3_JaffaCakes118
Size

62KB
MD5

de56c25f68e2c5bae23e320bc1a144f3
SHA1

e308565cc2f63b16b6901f0fe14f04dc1b66be77
SHA256

a7e54ceb57c60ef5d238695d59464916b5d0ef6d8062dbaa758e8d433b3c231a
SHA512

e96da655d54f482c73d465d77faebc279fce7b1ca356990bb2fd42714f5b0615ad54b157d7e8d425906445efcf8df4a4b07f4965bdc4ea868a4e639d2184d7b4
SSDEEP

1536:6B069KC99ZmjUzowmqGtdTGzjQwKjvSXUEBzpuWR6:6e69/mjUzowGnTwjnKjaEmzvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de56c25f68e2c5bae23e320bc1a144f3_JaffaCakes118

Files

de56c25f68e2c5bae23e320bc1a144f3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62bee965f8b62b5f99c7ad5a7d85e03e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

aclui

CreateSecurityPage

kernel32

LoadLibraryA
VirtualAlloc
GetProcAddress

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ