1ae6c1fa072ac7b7c7ad6d29f675107e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ae6c1fa072ac7b7c7ad6d29f675107e_JaffaCakes118
Size

455KB
MD5

1ae6c1fa072ac7b7c7ad6d29f675107e
SHA1

033536956d021c6fd4ae3b75f790da930d1f1fe2
SHA256

35445e421c84df79a713004c2aec2aac3f7f02d34099f3388a1355020887816a
SHA512

eda825529e13f5e73b510baed7753745000f5c06e16fbc448aa36dd84ff867a0fe6e52c0d0df3d082ea7afe1bda5de12aabbfc9ab10b4de7889afb1140b11785
SSDEEP

12288:Ov1eQWq1dhZH6+wyGaaQ7VzyH5dRS3fBKB0DTRk+/:m1eQWedhZaReaQ7cx6fBKB0/Rk+/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ae6c1fa072ac7b7c7ad6d29f675107e_JaffaCakes118

Files

1ae6c1fa072ac7b7c7ad6d29f675107e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 71KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ