0526c435b9a2708d2785f62155a41d6e_JaffaCakes118 | Triage

Sharing

General

Target

0526c435b9a2708d2785f62155a41d6e_JaffaCakes118
Size

112KB
MD5

0526c435b9a2708d2785f62155a41d6e
SHA1

de037bdb582609e6363fe84df75ee4eec67cc9f8
SHA256

705708c301b3e9b3a5d388dc0f6fc21f1865c5f456c72270c3e64a13afa2171a
SHA512

e09ef755a579aa7ad02181533aeb72b154839a068f6fbb6a811b7469309ddad86d341ac53b76c502fa5b921963fd77fc27a7ed3ad144444fef3bc400c55a0f14
SSDEEP

1536:2Wh4/Rk21ZvEndSJzfoG8XvkHB+zUTPmHXxjnANHhhXQp4YSo1:2kQRkk5E8z8XvkHB+oT+3xLY8p4YS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0526c435b9a2708d2785f62155a41d6e_JaffaCakes118

Files

0526c435b9a2708d2785f62155a41d6e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ