eaddcf8804dbdf448b034407580a926b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eaddcf8804dbdf448b034407580a926b_JaffaCakes118
Size

516KB
MD5

eaddcf8804dbdf448b034407580a926b
SHA1

3ffbb933e2ab4367de78035e98b75e6ebf7449e5
SHA256

0130ae2a30704b8f643a5de8655bfe64970f0876b4b19ffeca030d693179195c
SHA512

30687df0ae1a5e18844dee550f4e5754e29481be69f5616ea976bcf15caad8705b6c88b3d2fd318c191be1e794e296bf0dc36d8de309970b02ed6a2a005dd768
SSDEEP

6144:7CKQXc2A0y79N1IImDw4iZ+vf8+p1qTC7gJTGzQ:7CXXc2LU9N19msTUv/t7gV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaddcf8804dbdf448b034407580a926b_JaffaCakes118

Files

eaddcf8804dbdf448b034407580a926b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 47KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 160KB - Virtual size: 416KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE