187326245ca626d77632de056ba9dd51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

187326245ca626d77632de056ba9dd51_JaffaCakes118
Size

1.7MB
MD5

187326245ca626d77632de056ba9dd51
SHA1

bbd6bf00225183706968297f5ec0175b7d364743
SHA256

91c68ea9cdea38ef6a6ef7a000bd4813dab48d9d9b348f1b4c224eef22bd4dee
SHA512

165d58bd8b455166dc94e06bee5d28949f20d2f72a98b17c5b76ff64a1cc57d44730dfd5b5777aa118a10dd3b36951d55827185ba682ff60d2bd3daaec023606
SSDEEP

24576:QbLMweoR6x2kB/DbWdMPCR0NXGKKWZZe9mT5sO+3d:QbLM6swy/HWduCR0NXGfrmTH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
187326245ca626d77632de056ba9dd51_JaffaCakes118

Files

187326245ca626d77632de056ba9dd51_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ