361886c4113c196290023fcb7f3cfc03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

361886c4113c196290023fcb7f3cfc03_JaffaCakes118
Size

6.5MB
MD5

361886c4113c196290023fcb7f3cfc03
SHA1

098bd542ad178341b672d6fc05df16b40f10a31f
SHA256

45eae8486d46a3695e6cccb011c821f889f59474c8de15fb0aaa74b6e4455545
SHA512

f197c77cc3bcaebf424a7a250d9eb0d0bfe5c2af749e01ce75cb7f4f4ebeda0f75f402bbec30683c683d8aba22fab529bfbb5e224897e7cc5ea33e2fcddc91dd
SSDEEP

196608:TcAgvkMlgW6Y4A1yXoEYH8UHiNaXCmXUNGYiamlCACJr:ngvkW6Y4Ak4Eo8UHiEymEjiaAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
361886c4113c196290023fcb7f3cfc03_JaffaCakes118

Files

361886c4113c196290023fcb7f3cfc03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 85.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ