438e6aba12c0761098d09aeb3c62d9f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

438e6aba12c0761098d09aeb3c62d9f0_JaffaCakes118
Size

379KB
MD5

438e6aba12c0761098d09aeb3c62d9f0
SHA1

86fcf1915a9e777dbab750e3ca737393d43db407
SHA256

742f6e8374ee8c5b65a6d7e64d741b18f3be8aea067393d94bbd937127559de4
SHA512

1680334f92ad117cdc3e48096f5b707dd445e60c069ac7826ce3c86f1b023b651e71ed6110eb6d22f2f0f633c8ffe17aa41aa6821ad56767cb4bd5a605510144
SSDEEP

6144:eDBEH5bSFB3eNEGWwZlPsAtgv42xOy60DRGY/1seWxz1/Rw32sA+WDsJ9SgzxPY5:BH5b2B3e1rPl642Iy60yzfF+WDsJ93P8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
438e6aba12c0761098d09aeb3c62d9f0_JaffaCakes118

Files

438e6aba12c0761098d09aeb3c62d9f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 352KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ