f733cb8093c73f51b4660f50159838d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f733cb8093c73f51b4660f50159838d7_JaffaCakes118
Size

590KB
MD5

f733cb8093c73f51b4660f50159838d7
SHA1

b682ec57d53b3898a17c7a8b449cf5fc50821ae7
SHA256

0b70d97a5451eac9c3980f1620982cd09782cd35935af17ff21e1d8b245924a0
SHA512

fb9a5f6769358e4e09d8f754c8c71f7368b1b7f390297e7c7738a2342fffcf76e5d6885a1d870dc83893a4c279a0533fcc49a7d8e79c97ca712ac00fe0384f60
SSDEEP

12288:ZfA2nqre8tOztrJuhWNw2Fq6OdoO4PHeDlE2N6mSIc:Zflnq2zhJu8wAq1do9HqdN6H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f733cb8093c73f51b4660f50159838d7_JaffaCakes118

Files

f733cb8093c73f51b4660f50159838d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.pelock
Size: 519KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE