27088ce403f6b3871160e13a7cc6e3b3_JaffaCakes118 | Triage

Sharing

General

Target

27088ce403f6b3871160e13a7cc6e3b3_JaffaCakes118
Size

74KB
MD5

27088ce403f6b3871160e13a7cc6e3b3
SHA1

3ed01cee665e94cf90feb6974d1666a7a0edda50
SHA256

3f9bed2111be55f82d89e06c4bb9ec57c5fb2645c265bbe79f99a47c5cf9e3d1
SHA512

a6a08f39d7342c18fa77adeb2eacb1e3d21457e658af4229a2ac6e40ef902e0c359bceb9956d8c27dce651441dcae177adfc794f3741aa605715a5d6f6079f24
SSDEEP

1536:KoesuA6W1i1nXEhfBFsl1ImXpWV6StCwN3ZyZ1e3x1n:ksvenXEtaXC6StCws83xZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27088ce403f6b3871160e13a7cc6e3b3_JaffaCakes118

Files

27088ce403f6b3871160e13a7cc6e3b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

code
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

05s2i.mo
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aa0iftbz
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hcqq85jh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ