3b699e6a7e5fcd8b74f3e35d8a73ef09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b699e6a7e5fcd8b74f3e35d8a73ef09_JaffaCakes118
Size

227KB
MD5

3b699e6a7e5fcd8b74f3e35d8a73ef09
SHA1

ead8442407026123860cbf9dd08948fbe28f7e2b
SHA256

1f2400f62da55a5e276e39f1f3720729f094070a25d83a8edc92d7ede6f30164
SHA512

8b0f1261459c6acba5e1a22be0c4f6414c4f5aa4e40d84d826503b4f92ebd844643205c59fd15dff2b9165fd46e233fb17491fe23cbfb928b5dcad710b2a704b
SSDEEP

6144:DynKQx9ySH8VmF9mFvg7pgn/y6lr7Bt3h+ln:DcdySGzvei/b1BfUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b699e6a7e5fcd8b74f3e35d8a73ef09_JaffaCakes118

Files

3b699e6a7e5fcd8b74f3e35d8a73ef09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa1ca832e28e2c6a63685365c58b52b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadModule

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ