1649d2190a625ea84818c0e06ff6aa9f_JaffaCakes118 | Triage

Sharing

General

Target

1649d2190a625ea84818c0e06ff6aa9f_JaffaCakes118
Size

59KB
MD5

1649d2190a625ea84818c0e06ff6aa9f
SHA1

fa79b3dd5499cf1a2d0fcdc57869eb957a160d22
SHA256

04da146f6eacd5462b539fa1ecf30356e9735a4a665f7916eb580860fcb0829f
SHA512

058156e7f5696e9b0e4c94e7263f095b9678ab2f9ff14013af020508b5a95e0e00fd43c73eedbb3c7fd2130c6bb380ef6844061da0e3db58e0c751aa51ea3f82
SSDEEP

1536:XqPT1LJ61u7ejTjCVqj/ppnC2F1YiwNahmB:alh7sTjCVqLppC2rgN8mB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1649d2190a625ea84818c0e06ff6aa9f_JaffaCakes118

Files

1649d2190a625ea84818c0e06ff6aa9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

diay1li8
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lgw8aw6.
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o.pxefpp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ