0e02eef53c6cf8edafbd3814071ce67f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e02eef53c6cf8edafbd3814071ce67f_JaffaCakes118
Size

803KB
MD5

0e02eef53c6cf8edafbd3814071ce67f
SHA1

21766c58d894f816143a872bb72e90425c590107
SHA256

1e1623bda6ed1ec09156e121543028167c21ba78173a3b37e584434771ea93e3
SHA512

1aef0db5781b81b0e38f3c9f91cb29269fa6f616a814b88a26de55d129fbad179154c391c4ca8bc23ebdd20c747c6e0f1a20b24d2eb503cfb1d67a07f70ddc31
SSDEEP

24576:GHxYCxLzqPZk5bf0gkHLqEPJfliAeHZcFi+sd:aYCxLzqPZkFf0JHWEPJdiCFps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e02eef53c6cf8edafbd3814071ce67f_JaffaCakes118

Files

0e02eef53c6cf8edafbd3814071ce67f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

m2.liwj8
Size: - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vbosdifu
Size: 10KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

agf26olk
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

73kbryvf
Size: 790KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE