4217dbe497bb0abbb8afb125858a5f8b_JaffaCakes118 | Triage

Sharing

General

Target

4217dbe497bb0abbb8afb125858a5f8b_JaffaCakes118
Size

1.2MB
MD5

4217dbe497bb0abbb8afb125858a5f8b
SHA1

19bea5d7c0fe3454b982aee54e14d443f195c9a7
SHA256

95e0ebeaf1a2be5d97c10510378bbb92458f9e5d28ecd6cd2878d3a631663f14
SHA512

3adb5b2357e3cb29a76d1c7eea97bb48528703935140858faae126d520b993f3e4302bdd6fa1925352f20490c307c62667f323a0bec8575fb577a91a09980e53
SSDEEP

24576:NRwLEsmLsm+OFOI1r4h00SbXiNTO8TxqTtcgxLDYKLxjp6Qsm3ofWmzmwWbP4:NKLEsvUr2O0SSO8MZcgxL0Ism3pmFKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4217dbe497bb0abbb8afb125858a5f8b_JaffaCakes118

Files

4217dbe497bb0abbb8afb125858a5f8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 1.2MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE