3b4798aebc9ee6e19ec7b7133df16fe1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b4798aebc9ee6e19ec7b7133df16fe1_JaffaCakes118
Size

629KB
MD5

3b4798aebc9ee6e19ec7b7133df16fe1
SHA1

e9dbccd9de6e53737f17f5fa004cd916b178c938
SHA256

620e0cc9f8236f6e47a7434de76fe65e0a15f86269d895ccec65eb5cb214adb4
SHA512

c106c220e5f5b38f6e5434226d01c0f32b4318aa739f5a8f4cf873660e2152622f7bd652d7f5c3e8662b0c90b653e94fa092d976ead1231f6aa622a1d1b84d58
SSDEEP

12288:KXHLceRrbfb+Dn1aiVrG+virvNZ5wQisRaYmTtKYY4wZ7/q:KXLBk1aKQNZ7lWBl8Jq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b4798aebc9ee6e19ec7b7133df16fe1_JaffaCakes118

Files

3b4798aebc9ee6e19ec7b7133df16fe1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

/APES/
Size: 22KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/APES/
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/APES/
Size: 601KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/APES/
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE