0f965431bc8de8c965ebe62d5539a126_JaffaCakes118 | Triage

Sharing

General

Target

0f965431bc8de8c965ebe62d5539a126_JaffaCakes118
Size

1.6MB
MD5

0f965431bc8de8c965ebe62d5539a126
SHA1

f9d29ae7dc794bdc4203c1ee295b8ef1b02a7826
SHA256

d8a128ef5606f20dc9f05c258588d53b51961044c9a084a3696296bd576afb68
SHA512

add1c82840c569021daab205314b5ceaf12c382d77f7652e53dae3ee57d494944884c4c7c10f7d6356058e5999f1fdc6e94d09d7dad5802e3cf9f3a24b2037d6
SSDEEP

12288:jNIfj7DDDLdddddpDYhdefOV53PLtGH3MMZ938MM95zoKGT:jEzOe2V5jEXMMgMM95zET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f965431bc8de8c965ebe62d5539a126_JaffaCakes118

Files

0f965431bc8de8c965ebe62d5539a126_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fdd8a53a57827a7a2c48d0c0c65be18e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
Sleep
GetLastError

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ