253bf8d88c9c70efab1ad574a8ede700_JaffaCakes118 | Triage

Sharing

General

Target

253bf8d88c9c70efab1ad574a8ede700_JaffaCakes118
Size

104KB
MD5

253bf8d88c9c70efab1ad574a8ede700
SHA1

0ff7cb4f7e554c7bd33159ecda145e7134edc845
SHA256

dfc9caf8a83ec514f7d391b90b75f9e58166aab099f36309c5c43ea6d97fae0b
SHA512

ef88509ac2660064300a95239f9cfc635d8b42f51787ba603ac54bbe7a0e02cbcbb439ac31d6edbf4659f686c2c632891aab5909033f391090661ca6e03dd057
SSDEEP

1536:BaTKv0eAIRj05R/gg190eorCLPrT3jTsnaW7cLBUi0M7Pm6vs565ex/P1:EA2IRjEYgUV+X/saAym6E565eF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
253bf8d88c9c70efab1ad574a8ede700_JaffaCakes118

Files

253bf8d88c9c70efab1ad574a8ede700_JaffaCakes118
.exe windows:5 windows x86 arch:x86

67b2c4d0014a77c47ac26d63bc9993cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

aclui

CreateSecurityPage

kernel32

lstrlenA
VirtualAlloc
LoadLibraryA
GetProcAddress

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ