018ffec0fb878d2bb620fc5af78e6665_JaffaCakes118 | Triage

Sharing

General

Target

018ffec0fb878d2bb620fc5af78e6665_JaffaCakes118
Size

27KB
MD5

018ffec0fb878d2bb620fc5af78e6665
SHA1

05ec39a97248e27fcf26ab27f6bcb5e66ad7627d
SHA256

82c0731eda90446e15fce2c4e598e3228e7f0a512141c5bab269a6336ec900ea
SHA512

d4f5fea52d2b2bcf06b7c7682edf0ef076901ab7e8cd15dcb6fbba87355d312ebe5c445900033c27b6db840e8701de59237d1c5bc7e0fd250f5855ff82ae5018
SSDEEP

768:zZ93t+UZqmH6itVA5wrRCDaewBDaaYSqJ6C:f3IiH6itVXCD6D/pc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018ffec0fb878d2bb620fc5af78e6665_JaffaCakes118

Files

018ffec0fb878d2bb620fc5af78e6665_JaffaCakes118
.exe windows:4 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

.code
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE