2eec4d39306bec7fc0e8e9b98fe086f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eec4d39306bec7fc0e8e9b98fe086f8_JaffaCakes118
Size

11KB
MD5

2eec4d39306bec7fc0e8e9b98fe086f8
SHA1

b08aa1c367111e10e9b800784ddcc6c336b40866
SHA256

5ab5acd23c89afee53d2d7c4cab7cec8e648bbe9304503b654ee9c43311a16bf
SHA512

e3508b95ef5f9d29dd63a05331282ae8dc75685a8ae0197f8d55dfb970a77dc39465139fc12427c27288c356fc024295d9610d40487b02fd70ca906e5cb5765a
SSDEEP

96:4PEdZ3fstrO8fSIw34I/EK3PhhXpjfho5yEgeO0mWkDf:4MZ3fEa8f/lK3PhhVyRhRkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eec4d39306bec7fc0e8e9b98fe086f8_JaffaCakes118

Files

2eec4d39306bec7fc0e8e9b98fe086f8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

105732f0c6968ac8bea2b4476eda4263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE