df52b463ec41b834e7d27e6041363da3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df52b463ec41b834e7d27e6041363da3_JaffaCakes118
Size

67KB
MD5

df52b463ec41b834e7d27e6041363da3
SHA1

bc3465ed5b94169ba7694aaaa441b81577fca52b
SHA256

a4e8e3c2e846fdfbec6d4ff52f726a40c0b209df04764d966f60bd1ffa1a8c5c
SHA512

2c7afc610d5ba8748e984d59b426e27cc1e5abdc9b7dca8ca665316396330b7d15fdd72dc08408cc91c480522d13d7b8e53ea065267d2437a69c3461cb56ad8c
SSDEEP

1536:jDtMZxBCImvlJUdAJtetUtF6GAEupbIa2LuQZEr+D:SZGImvQGktUeGP88awh/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df52b463ec41b834e7d27e6041363da3_JaffaCakes118

Files

df52b463ec41b834e7d27e6041363da3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 47KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE