059c707a322431f8064537cf2e777fbc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

059c707a322431f8064537cf2e777fbc_JaffaCakes118
Size

32KB
MD5

059c707a322431f8064537cf2e777fbc
SHA1

391275a9490944f805915d73ad2e4ba1425944e2
SHA256

faa4c1e7671699bf1b0c9f7f24775de24d9e9203bc8ae9cb521d32f618bf4c0e
SHA512

290ba0958068d707d72c8ea273a5ed213b1a5c054f93ae847a4ab5705e84d143f0dcc0ccf6752ec50f59435d498e1b90aff0c9ba029496c6c666535d3ebdd8c7
SSDEEP

768:/5hwE37nMaZY/aazPv3CQQ6pXA8HfHXopUq9:/7MjZPv3CX6eMfXo6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
059c707a322431f8064537cf2e777fbc_JaffaCakes118

Files

059c707a322431f8064537cf2e777fbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46b0675c1fd7681c7b19a1c83d5aff83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 17KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprsc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ