a685a7c7cd8b3b006b198f54029572c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a685a7c7cd8b3b006b198f54029572c2_JaffaCakes118
Size

4KB
MD5

a685a7c7cd8b3b006b198f54029572c2
SHA1

298a70af4946a434b811b809ffebe26e7c1d1fca
SHA256

194b22dd1b0e8730a0e4d18f39fb98e96acf4fdc16b55993e4f3df675ad9f5a2
SHA512

a469b7e2de40c945b5a55311c762decc769afb14af8e4d886d86ad282311b5c05c9e1a31d647e9334625d15b851569dc95e3270e4e5529ea5489b470ffc5d19f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a685a7c7cd8b3b006b198f54029572c2_JaffaCakes118

Files

a685a7c7cd8b3b006b198f54029572c2_JaffaCakes118
.exe windows:1 windows x64 arch:x64

b6d529bf37060dcd3e48a1de30b8953d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
VirtualAlloc

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
LoadCursorA
MessageBoxA
PostQuitMessage
RegisterClassA
TranslateMessage
wsprintfA

Sections

.flat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

api
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE