022510a653c6e84f317ce3f46af53ccd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

022510a653c6e84f317ce3f46af53ccd_JaffaCakes118
Size

172KB
MD5

022510a653c6e84f317ce3f46af53ccd
SHA1

82b9a1be931fc95ce8ec8839d1ddb59254ec6880
SHA256

879f5bf1b3b530de967550df93d0a63259304f6ef99715df99ff3426fecf20a7
SHA512

099692a15c478438c8cb45011c7934ded19b1328cb2f2a2c1ee71d9b3f2177a26e79ddd135a713702fa9e2451f4d8b54cdb754246fc9458f8953b8cb18e06e07
SSDEEP

3072:sfafh26xkmOHM5cWun+Ct51NUZ3PYsqzorje5ByWfojQsWKddFl05yh:QapnxOsItWZfVrynyWfokKdEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
022510a653c6e84f317ce3f46af53ccd_JaffaCakes118

Files

022510a653c6e84f317ce3f46af53ccd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93361f8c6c57c9899e28c079929db992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc

user32

wsprintfA

Sections

,>8kl<1=
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

wp5tVF1y
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

`8p'*a3a
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=a0s^UkY
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ