eb244c1dbde2fd8f81b0b688c9690fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb244c1dbde2fd8f81b0b688c9690fdf_JaffaCakes118
Size

57KB
MD5

eb244c1dbde2fd8f81b0b688c9690fdf
SHA1

9efc034e39aa4636f469056f6b26bc0bb0da06f0
SHA256

f0102fdc9fd1580a4a077407139bd19a570cc140f16d750280ec2588adea9be4
SHA512

d4f1a7b415015d6b227434415fd77fe79d702ee9e06952bc363b2212f6b2fed0b8a5bf789f6b29c024ef546cf0dfdec3afdfbb8436c2fe624cef50391cb5a9f6
SSDEEP

1536:y16Gj+WVFGsh8p8Txzn2yh/ofBFt5CBKmS:kpjdFGE1n16OLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb244c1dbde2fd8f81b0b688c9690fdf_JaffaCakes118

Files

eb244c1dbde2fd8f81b0b688c9690fdf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 47KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE