0845eadb603a6169d03fd9ab8565f4e7_JaffaCakes118 | Triage

Sharing

General

Target

0845eadb603a6169d03fd9ab8565f4e7_JaffaCakes118
Size

134KB
MD5

0845eadb603a6169d03fd9ab8565f4e7
SHA1

f49501ee151d2747daa31f408c97bf20d1a4296b
SHA256

8a6b5920515261e272d2b46d8b4ba23ddd2097c45a129ae404419e11c07cfd49
SHA512

d890348b431d0abcabb002262890d150259e3bb590de064c405d17c89a0a946fabda6c0c26acbbcee1d79563beffb0e5448088a42f010056b8cf0c29e57d20df
SSDEEP

3072:qaZoza7pPGO8eApiN64gKngsmaEgdQoQ3RlalgYwcklKKBv:hZj7B8B34gKmajm/2rwcyBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/��˺��뱸��.exe

Files

0845eadb603a6169d03fd9ab8565f4e7_JaffaCakes118
.zip
��˺��뱸��.exe
.exe windows:4 windows x86 arch:x86

da454ca5b90eb075b7f053406e8d5eaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
HeapReAlloc
HeapFree
ExitProcess
FindNextFileA
FindFirstFileA
FindClose
VirtualFree
VirtualAlloc
GetModuleHandleA
GetProcessHeap
GetCommandLineA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 546B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 542B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Xr8cf
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

whDVy
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
˵��_Readme.html
.html