2a75fdb0542188403e85e44d978faab9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a75fdb0542188403e85e44d978faab9_JaffaCakes118
Size

288KB
MD5

2a75fdb0542188403e85e44d978faab9
SHA1

c352cdecb50ba8fa96c226ff5149696dedbdd434
SHA256

37c3073b4ec6a69b57bbb9cfacd7278022e021dd0cb7a89ef598a2d4581e0473
SHA512

167cca6a380a3484aa25a17ab4600ee47abcf32e7cda94db6d6432e1f458a03230add0616df1f6a16ca1c42640f34f80b0697b27f77cc0fdda383683d5234450
SSDEEP

6144:PMOtyZs3OmwPrR2Uy6iP7RTVFoHy9ibR1LY1IgBuHoe9Y8lcKE1c:EO4ZDQURARTVFoHy9ibRhHoe9YQXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a75fdb0542188403e85e44d978faab9_JaffaCakes118

Files

2a75fdb0542188403e85e44d978faab9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

441d2ea487b8ed67270abf412d26a0c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
IsValidLocale
GetExitCodeThread
ReleaseMutex
GlobalAlloc
GetConsoleCP

user32

SendMessageA

Sections

EVDtCOXp
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ngQuBYfB
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xDTGUMwo
Size: 258KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE