0a867b5c9ccd83364627a4a1a046fc73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a867b5c9ccd83364627a4a1a046fc73_JaffaCakes118
Size

97KB
MD5

0a867b5c9ccd83364627a4a1a046fc73
SHA1

40e9e118be3c1f0b19b72b790651d77bd404e08d
SHA256

69436e565a9025895ee6bf4ea34c583c016937c2a89900185523b04532d72ae2
SHA512

3b994551caf5c89337cf990c5d754f4b014369d4d38f0d03926fbf35fd15953bb3786b333c77419f17f42b484cf26eaceb30ce6f70b2b3875f7139423b0fd7da
SSDEEP

1536:EhwujXYW89SflxYL5i0CVNl7aB9Ing2aI1E1luEc/:8wE8IlxYL5i51fng2aAELuN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a867b5c9ccd83364627a4a1a046fc73_JaffaCakes118

Files

0a867b5c9ccd83364627a4a1a046fc73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

Size: 61KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7B - Virtual size: 7B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE