31a53ea071674db2a2767b8d0e95d844_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31a53ea071674db2a2767b8d0e95d844_JaffaCakes118
Size

154KB
MD5

31a53ea071674db2a2767b8d0e95d844
SHA1

ffb0d7ceb14a4469a9a01031efa9ac9c5c6c4289
SHA256

8a76a4a0ac0994ba59738b43462a33f1b4cd2ef24219437b5512a34fb184570c
SHA512

1daaadb8143304c65fa6d93b86f7bde501d0e37397a500bf0aa3bf5bb0d37bd708a2e878caf08c6aec0d6ec73837b31f7909f7f7e3f0c380febf6562eb89011b
SSDEEP

3072:bf6GakJEztH9Dj3XMJErvbZ0TiT+3qthzlJzh53Bwd/odHobS6Dy:bCoKpnMoVsiT+3qDp5xwdQdIbSey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31a53ea071674db2a2767b8d0e95d844_JaffaCakes118

Files

31a53ea071674db2a2767b8d0e95d844_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ec71974y
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jynwyljr
Size: 136KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5.0n2o0p
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ