f250ef1e63f9e109be5629a77dae4b24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f250ef1e63f9e109be5629a77dae4b24_JaffaCakes118
Size

19KB
MD5

f250ef1e63f9e109be5629a77dae4b24
SHA1

ec158b2bc24301e0fbe2a6441f5cfaf49803d01a
SHA256

e3ee7df4034bf82322d60786157748c93fae5e40789ce3c1b09f6ae027e84333
SHA512

8c30d54091632c7569111db9c091aee33611de067c3ed50e9f566b96e7295a64ab56e24ae8834475a9d4909c9a4f4bc2bbd89e8d9f8129b7bc3f9bd2eb90a072
SSDEEP

384:H6j8UpvFi1YfWojLvuR4DORC7iJGB6DzO3e9YrkBkUpw6WXgNKJ49oA5ajj:aj9S1hqjU4oqHB6DMP4BGzcS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f250ef1e63f9e109be5629a77dae4b24_JaffaCakes118

Files

f250ef1e63f9e109be5629a77dae4b24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acd9fa3a74cc4c1d92998e6ad62eeb8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE