e816a20a92c633a99dfa8cfd61ef301b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e816a20a92c633a99dfa8cfd61ef301b_JaffaCakes118
Size

142KB
MD5

e816a20a92c633a99dfa8cfd61ef301b
SHA1

8ff57bbff0c5b33819562d69eb8b5c18f048aa6c
SHA256

6163a9d435b5e1902828d3834cb7ed0179442eb7c4ef75846d9a812f6872ed22
SHA512

bd9afdc98779841e2a3b4c9ca2dbadba012d7d17945243b7d23d161c88ab7fdddb0369a801069b06d9f56b93256da65e2e494e16dbb6ec5fa0b4792ab82da242
SSDEEP

3072:M2EZhc4e8h+MyV2/a1n/cCgF30t0QXEphp1BmM+W1M1Ca2n+ShG0Rgkfp0p:pUe8hij/cCgdu0RphvBmMBqn0+Sh/Tf6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e816a20a92c633a99dfa8cfd61ef301b_JaffaCakes118

Files

e816a20a92c633a99dfa8cfd61ef301b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m76rh7aq
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1udwfaww
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

saz7ok6u
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

36cxvwwx
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qi50l9sd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ