f79cb21dacc2a2537a67441be7c46293_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f79cb21dacc2a2537a67441be7c46293_JaffaCakes118
Size

33KB
MD5

f79cb21dacc2a2537a67441be7c46293
SHA1

75ad05dee1b09b81f46d13d6faf32948802b27e3
SHA256

a88c98bf955b1123480f75625ad8585a7a507cfaf6ab91c7e0dc085e091f57b1
SHA512

824a69f2afa8b82b5cbdb6e5db2b79c128301e136371ed3d0693b1c57075fda42122dc69ef3f6979f2b9f0341fcbdbbbd260d5a7c37faa565e3b92a127015b5e
SSDEEP

24:OEhu70OUIZGsABcYbr29+O5qHeUJz0AtiwB8E6kB4tdrDdkMVgAd8oZ5:OEP/BBV29+UUN0Ar8EzB2tyMVgI8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f79cb21dacc2a2537a67441be7c46293_JaffaCakes118

Files

f79cb21dacc2a2537a67441be7c46293_JaffaCakes118
.exe windows:1 windows x86 arch:x86

105732f0c6968ac8bea2b4476eda4263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE