ffe45eca5de8263c76f2a3b6d3001b87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffe45eca5de8263c76f2a3b6d3001b87_JaffaCakes118
Size

204KB
MD5

ffe45eca5de8263c76f2a3b6d3001b87
SHA1

2736f000c866550dd3831f52ab9f80e62b4b8fc2
SHA256

20a2a26d7905590a59b31cea593391f61279ac62f320e1878f127f22314f51a9
SHA512

a5c5cd9dffa48d49276f2ece54aaf71e44178321f0ef4658670d9474adcd77ed1e88fd562b28df82414f26e6b72c77dc0cbbb92810e6b3d64fc76285cd089cad
SSDEEP

6144:w1h9bbopRZV78Ac/DbOJfG6hNF3e34zLmB:U4pF78Ac//+g4fmB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffe45eca5de8263c76f2a3b6d3001b87_JaffaCakes118

Files

ffe45eca5de8263c76f2a3b6d3001b87_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3af3eabc24a8aeabb57fd851189b390e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mscoree

CorBindToRuntimeEx

user32

MessageBoxA

oleaut32

SafeArrayUnlock

Sections

.text
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE