091be99cf7b6735e97c61a3f7ca1422f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

091be99cf7b6735e97c61a3f7ca1422f_JaffaCakes118
Size

309KB
MD5

091be99cf7b6735e97c61a3f7ca1422f
SHA1

605d2c7f07754fc6bc8e8e116e1cfba49516bec6
SHA256

6a7530bcc317200057428dd3edee1c95dd4725afb66f14c2d2c7cfad5e5a1e6a
SHA512

1d0a5867c1be75408d66ad5cc43e71d3975e1ae5a28186a32209230b86358039b63f1446caf9b8767a81f3a7d011f7bd88bd1f611298beaa4e6de8beff13ea7d
SSDEEP

6144:1p/QDW1gglA5mUXr2XyDiWVU4AQPcX5UQy6ndQeuaj9:1pY8g+ATXr2XyuW/hcXqQTVlj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
091be99cf7b6735e97c61a3f7ca1422f_JaffaCakes118

Files

091be99cf7b6735e97c61a3f7ca1422f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acd9fa3a74cc4c1d92998e6ad62eeb8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ