2b259bb72a7730d253f4eaaa4de69473_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b259bb72a7730d253f4eaaa4de69473_JaffaCakes118
Size

153KB
MD5

2b259bb72a7730d253f4eaaa4de69473
SHA1

8bb6ee5826d2fad5bd25b2cbe2c204747163440d
SHA256

80c0d7f8c2e2693c184dce6f03c417bff0ce7317227f6ccd281b81aa2d04943f
SHA512

5e006b3ea148ec9f82c2d62c21af2e77cc47a74b753e70987608676fba010014a97f87dbddacfb4e55c7630bbd540e305387a11069c8255934a9e69b0f9044cd
SSDEEP

3072:73yGFR5YPiBtidkL5uVTVptoBMnvkGhY61uad5trQTuh+ZmtcG:zYPstiSoeoq6LdLQG+gc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b259bb72a7730d253f4eaaa4de69473_JaffaCakes118

Files

2b259bb72a7730d253f4eaaa4de69473_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1792ce3d8371476a228f3db255f83ec7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess
VirtualAlloc
VirtualFree
VirtualProtect

user32

MessageBoxA

Sections

Size: - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 128KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE