2a222007fd2209eaa03eb22fd29066a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a222007fd2209eaa03eb22fd29066a5_JaffaCakes118
Size

180KB
MD5

2a222007fd2209eaa03eb22fd29066a5
SHA1

d9ba716692f1345b855ecd05ccfb607a9f14e4d0
SHA256

9333e77c7c4f7ce821bcc5b33479aa3d066b1fb9e087760ee157c0c0037238cd
SHA512

f58fa2759ec603bfaf17de1f26cb6867e2224c96cf7e8852796d7d322c548f62baeff528daac51ab77506f4f948f3ac9f6f0d0d9a4ba850317476ffaf5124f34
SSDEEP

3072:qvH5uibFSwkpksm9jUOuwmeuxzqn1TVhaDu4KkUCSb0sBI4sVaokc:qvH5uBpnmBzrGzqnxcu4KkUCWtBfgj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a222007fd2209eaa03eb22fd29066a5_JaffaCakes118

Files

2a222007fd2209eaa03eb22fd29066a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s4c.e1sd
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1rs1j0qz
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

e5k5ljkd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ