Static task: static1
Behavioral task: behavioral1
Sample: 034d51e36800011fc585d1e9471be53d_JaffaCakes118.exe
Resource: win7-20240220-en
General
Target: 034d51e36800011fc585d1e9471be53d_JaffaCakes118
Size: 180KB
MD5: 034d51e36800011fc585d1e9471be53d
SHA1: c73399d2cc53a4bdd811a88520aac4b1ac7526c7
SHA256: a672cecf45a47b799717ce156945bdb10a0ac4af8ac43167497143edddaed1b2
SHA512: 6eeaa8812d42ee7f2cc56feb2b6d7a30272b6430f18a49d1d2480c23d3bf75903e09dea0e6be6ab24230b25f43ed680b37fa43b4e1fd932ed7d8185f0ae6f6d3
SSDEEP: 1536:N8kwilTEhU4HDa1KkjWXUa21mc/Mue9cL:dhlohUEK9ekp9
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 034d51e36800011fc585d1e9471be53d_JaffaCakes118
Files
034d51e36800011fc585d1e9471be53d_JaffaCakes118.exe windows:4 windows x86 arch:x86
bcc72ef83efb1f1feb04585842b4fa1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
LoadLibraryA
GetProcAddress
user32
TranslateMessage
DispatchMessageA
GetMessageA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 330B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 112KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE