35f21f838888850be1a6a7e831a88e0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35f21f838888850be1a6a7e831a88e0c_JaffaCakes118
Size

91KB
MD5

35f21f838888850be1a6a7e831a88e0c
SHA1

ead55b0e4019281b994448672d4b54d32c1eb597
SHA256

ccf1fc2c71e5bd8228b32ac25e9a84da7a0b6fe1a2979fcb17ccc07ab8206ec0
SHA512

22b67106ece8054f2bc138d63746af1111bb1e02d19a15208c59fae4e76e82ed05fdf6e882cb9afae99a2ffd9e9a4682426ff99b39de68355ada01b5e833450f
SSDEEP

1536:/qVww4NAUM3sypZFuNTO9bfh61BJgp1tAe24gy6p4sXcDYqsN8a6Kb1/oc69NFvF:RdAiypuV8r+Bu3Ae24P6p3gYqsNp1AJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f21f838888850be1a6a7e831a88e0c_JaffaCakes118

Files

35f21f838888850be1a6a7e831a88e0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

CODE
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ