165b534bf3b2b0055eb7f21ea8c9b3b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

165b534bf3b2b0055eb7f21ea8c9b3b6_JaffaCakes118
Size

275KB
MD5

165b534bf3b2b0055eb7f21ea8c9b3b6
SHA1

f5382a6c4a75394743a1285a0bbb6fe2dc909239
SHA256

e6bc13af7acfc97b1b5eb9b1043b071e98fe39f84457ba7689d69ee4f63b6154
SHA512

1b462d696efeede8aefa5f22aa770821c506c8117fb2f661cbe208b79d6eac886a4ce61496e57f2ea285485a6af5e9eb8cbc8d82610d6f64f398f9e60f9bf325
SSDEEP

3072:SNC2KpBZcJJ+fUz1MlHnw0AlBdolpTL20dJPi1trWxGvgRaBxYnwWSlvO4B0pc+1:yC2/JE6yw0XvK0mBRFjB2cM9X9EJlOf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
165b534bf3b2b0055eb7f21ea8c9b3b6_JaffaCakes118

Files

165b534bf3b2b0055eb7f21ea8c9b3b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acd9fa3a74cc4c1d92998e6ad62eeb8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ