f2de477b68947480a52ab65bf6363749_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2de477b68947480a52ab65bf6363749_JaffaCakes118
Size

434KB
MD5

f2de477b68947480a52ab65bf6363749
SHA1

28572677e99bc5d67969e231c3325558e998e023
SHA256

df812d601588983fbc2cee73fdc95f7e99f9d3a47ba79c505ca93b5108d9e4c7
SHA512

9f1bf13c4026b0c72da7e623f4932ec72a9d54237abf6ede9250a0d0623cae56438ba4550eaeb9dd826b3ac8f12a55241bbf8dd1c0b04fec5c3a6bb2c29b2576
SSDEEP

12288:u6tBbF6Kl5uAcHInLQimKw5aQ0fpFT1Cvi1p28aFaw:u8BsCQHIVdZCv4p28aFaw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2de477b68947480a52ab65bf6363749_JaffaCakes118

Files

f2de477b68947480a52ab65bf6363749_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6hb6i861
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vohl5zzv
Size: 209KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oigv7glr
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ