405c299c2e1828b88dcd47d1e7de7769_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

405c299c2e1828b88dcd47d1e7de7769_JaffaCakes118
Size

150KB
MD5

405c299c2e1828b88dcd47d1e7de7769
SHA1

d498e4b656a3e69c27324e42e6389fb228ca119c
SHA256

5ed739d28da787d9a915c5559c3085d1b5e07516f6705d718522503365ef4f18
SHA512

81b236e56aae554f31f80e2f4901e26693ba2ad2ab435d9663fc6dbcbdb36a4a5fcf5051d9c4bbe062363f8370269dadac1e34bd9a3014136dfa48c22a5b21ec
SSDEEP

3072:7k5MMSHclzZqblEyiq+PZGq2SpFUzWr3aOP+ZkWog:7MZSHclzQJEyEPH2SpyzwaOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
405c299c2e1828b88dcd47d1e7de7769_JaffaCakes118

Files

405c299c2e1828b88dcd47d1e7de7769_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 118KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sinaps
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE