4e65c3fcdbaa617fcb680cadee2c7b15_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e65c3fcdbaa617fcb680cadee2c7b15_JaffaCakes118
Size

4KB
MD5

4e65c3fcdbaa617fcb680cadee2c7b15
SHA1

4da132d4b5dd94529f6eff1bd3f9c59351a694e8
SHA256

4514dfc963915a0ff67acb2f160c7765af289870cd96af82149072d0385b5766
SHA512

873987ec7bad1d4c3faf8bbb98f5bd0d2d4cd0eb3a865fe1231332ce46656cbb83be8197724662f9b71cff5b40757d90d8cf615308e7cc1bb4157e60725fbaa7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e65c3fcdbaa617fcb680cadee2c7b15_JaffaCakes118

Files

4e65c3fcdbaa617fcb680cadee2c7b15_JaffaCakes118
.exe windows:1 windows x64 arch:x64

b6d529bf37060dcd3e48a1de30b8953d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
VirtualAlloc

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
LoadCursorA
MessageBoxA
PostQuitMessage
RegisterClassA
TranslateMessage
wsprintfA

Sections

.flat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

api
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE