3fed8e5ef95de4e74a5cf2ba41f7691f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fed8e5ef95de4e74a5cf2ba41f7691f_JaffaCakes118
Size

280KB
MD5

3fed8e5ef95de4e74a5cf2ba41f7691f
SHA1

76756dbcb389aa3ee39823fc1c12f06e53b4f129
SHA256

65226bb8344965d49a0f3eb9bac47638d36b8b1184ab97d3b0d1030322bb013a
SHA512

9978ea38fc0697e5767fdbbfd18e66423fc4fa830ef08723e33f6279ce8ef3ecb486cd538ee6b83beafc05def4bfadd51c14e916e580cccfded42a5d61ef58f5
SSDEEP

6144:apn1bxyk3trkbKyTBBw1OevW2xFeluUuVhrbpAyH8:alNUk3trDyd2YevW2xFeluUuVhO+8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fed8e5ef95de4e74a5cf2ba41f7691f_JaffaCakes118

Files

3fed8e5ef95de4e74a5cf2ba41f7691f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

abl36iio
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ix9r7sg3
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r..nriiy
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ