045c462ac14e24a5116bca9ad8c5b973_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

045c462ac14e24a5116bca9ad8c5b973_JaffaCakes118
Size

438KB
MD5

045c462ac14e24a5116bca9ad8c5b973
SHA1

cabcd8c54308c18e7419b2f10858874121e7c27f
SHA256

0bace9c80e2dffbb4225d369552ccd0f85a466a75c9b0141ffdf9306a8bde798
SHA512

f88afc03866b228e934cb307175f960f96289c3745eb3effa60bacfd43f2045aaf96d43c5123f69591104b14ba770fe03d7b36960a08ca4644b4c913b342d172
SSDEEP

6144:u2QPyTGIAxm/znFUdb+2zWRuAcHIkAiJWOMCLCkauY7EU6C3Jx1unc1nec96yYuN:u3P4BzF6KlRuAcHIZiJbK6MEnc54Ir0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045c462ac14e24a5116bca9ad8c5b973_JaffaCakes118

Files

045c462ac14e24a5116bca9ad8c5b973_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

e35fkzww
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

402s6w1x
Size: 212KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c.zdclxv
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ