090d16d69ff50bbfca708644a7b9a0bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

090d16d69ff50bbfca708644a7b9a0bd_JaffaCakes118
Size

21KB
MD5

090d16d69ff50bbfca708644a7b9a0bd
SHA1

6ec669e8edd0ebf59275cf0c4fa0d3cd47a2b8e5
SHA256

acf4ec18f088f9072d4c6fe13dd6af16116c3cd4882899330a26ba3bc5252042
SHA512

c89be87f6995940b3a83a8ae6135cbdd1f3dbca3ff0ab1a7fc64995d5120174c5bb90b6599d5971bffc649c308b57cbd86560dc16fc8afbf4f06c7c3cabb4a5c
SSDEEP

384:3P7OzFQreMojdHX6lv4UDTEN1sAU0NmQJEQbF47vvxlLY2sc:/651MojdHXcV2iVQJEV7DYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
090d16d69ff50bbfca708644a7b9a0bd_JaffaCakes118

Files

090d16d69ff50bbfca708644a7b9a0bd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3865a83d097bd95d4e48a420e3486d45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

gdi32

DeleteObject

shell32

ShellExecuteA

Sections

.MPRESS1
Size: 15KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE