3bbf5da4b58bb4b82cc4568f1274a64b_JaffaCakes118 | Triage

Sharing

General

Target

3bbf5da4b58bb4b82cc4568f1274a64b_JaffaCakes118
Size

87KB
MD5

3bbf5da4b58bb4b82cc4568f1274a64b
SHA1

8d8de65d72239e0ed3e9091ebc7545351da65ce6
SHA256

01da0487befd3feb380da7434a1aa5d6e5218f0d13fe758972e378c18c7dc949
SHA512

66d76ccba58d380ecf7fd585f62e91e3e62431cda1d2878b64d616d951cc5f30c65c5a6cf905e46b24575533e30ed95f2a1d53a7eba13042e72527a33b19574e
SSDEEP

768:14NZ90caYDpWhuxKWnfx5Tn06S6bnU+5XCRhvhHIFoAOoYsiLNSTignVL+Wa2zWk:GZVrDsAfEunU2XCfvWFo1rBdgnV6d+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bbf5da4b58bb4b82cc4568f1274a64b_JaffaCakes118

Files

3bbf5da4b58bb4b82cc4568f1274a64b_JaffaCakes118
.exe windows:9 windows x86 arch:x86

78c30aaa462eb7f45a078d15690b70d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetProcAddress
VirtualFree
LoadLibraryA
VirtualProtectEx
GetLastError
VirtualAlloc
CloseHandle

Sections

.text
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ