f1f66140c01f4f649b5023ecf8da686b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1f66140c01f4f649b5023ecf8da686b_JaffaCakes118
Size

203KB
MD5

f1f66140c01f4f649b5023ecf8da686b
SHA1

63ae70fa16eb1c024c23c6eb2687812f43b1e664
SHA256

75463e73988dd9aea1ffc08d1e30e3e3369ad2e5a86b2625a951496ce1cafefb
SHA512

9e2760923fc70edc456d25fb0c165896ae15b7a306b85dd198074a40973ebd779f6d5581d0db541b6c9338a75dc31ae5cfd5b2386f35e48efb0e7551e1ef4d97
SSDEEP

6144:KlKB/DsohtTxBLrHcPdIXJhebe+Tq5pC7YWVscX:KlKhYohtTjLwPdI/elUpC7YiZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1f66140c01f4f649b5023ecf8da686b_JaffaCakes118

Files

f1f66140c01f4f649b5023ecf8da686b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE