403dadd1ca87a8ef706fa2c9fa430ecb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

403dadd1ca87a8ef706fa2c9fa430ecb_JaffaCakes118
Size

16.2MB
MD5

403dadd1ca87a8ef706fa2c9fa430ecb
SHA1

6cae3181bd29f9e7d1132a806b757c1726b7ecaf
SHA256

44b63bff228fec6df455270aa46fdbd179416c5a2fd58ecbc0ecbb7cbe5365d7
SHA512

0f17b4072f41b8024517659d3288fcff84527a9d6ecaef6374fac83408cd30b015a62437226b0c747cf9e91001b9e5284a31d6b699fe797f99951a827e54cea7
SSDEEP

196608:VINctNwB7s21BGPnxnc3j8b6g9TffS4lc0YqWqyhCi+Y3gxulgHQYbAOx2qbxPoE:i40BGPxne8+g9T1O1Cn5xnHQAsq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
403dadd1ca87a8ef706fa2c9fa430ecb_JaffaCakes118

Files

403dadd1ca87a8ef706fa2c9fa430ecb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

500ff1538958cc73738bf0c262a1773f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

user32

MessageBoxA

Sections

.text
Size: 4.1MB - Virtual size: 22.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 507KB - Virtual size: 27.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 117KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.5MB - Virtual size: 64.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE