27ee38e7a04ee9634803261f7929e87a_JaffaCakes118 | Triage

Sharing

General

Target

27ee38e7a04ee9634803261f7929e87a_JaffaCakes118
Size

36KB
MD5

27ee38e7a04ee9634803261f7929e87a
SHA1

f52c7e02b5734eeeca1a5617a81663cdff4cd36c
SHA256

023de5b9bfc7bd8eb406a84b6cb9102da0320ab4e24afb0e6d2df7a5bfe78194
SHA512

e0e4683ff0e70cf26854da2b0685d72372365cd538a84f466173ccece2d23b02a2ee9a46b205ea7ada2adb82ce5ac57c52eae290327d3a1c6c2fc756a9c987fc
SSDEEP

768:N1v2cq5yH2txMbVqe8/+VvjUevRfucz5cg81iU1iS:N1vewH2r4VV8/cvjJdzLU1iS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ee38e7a04ee9634803261f7929e87a_JaffaCakes118

Files

27ee38e7a04ee9634803261f7929e87a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

871f566131c40f544851d687e3ef38f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA

user32

MessageBoxA

Sections

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 749B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 269B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SoftComp
Size: 964B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE