2d48231e791cf32f53fd4924d6eae460_JaffaCakes118 | Triage

Sharing

General

Target

2d48231e791cf32f53fd4924d6eae460_JaffaCakes118
Size

440KB
MD5

2d48231e791cf32f53fd4924d6eae460
SHA1

344eeb59b20d89ede0fa536efeb32582a6ecefd3
SHA256

d73c8cc1feb8c7c0fa179c2d3afe108d771022f1d20da4f08d0b2c9f14a6585f
SHA512

500b67ad302674e09b4e2b8cf661b7509c8d8de30fd3cf73af5a4b1512f2cff9e7433cd62cdd8d9597d0d7a219008f1dac4318b9cb303cef64fb3054e45c279a
SSDEEP

6144:wzRZDxwrbZj0sGGBd9iZUkntR4m4EQCFl5BmQYCN6+Cvb8+xryTND434:ysbZYuBdYZVT43Gc+kb8y2JDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d48231e791cf32f53fd4924d6eae460_JaffaCakes118

Files

2d48231e791cf32f53fd4924d6eae460_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cyi2v663
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

u0a1g8rr
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m6r1fiq9
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ