42aa03bec03f664b51dcd93ab7fd6cef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42aa03bec03f664b51dcd93ab7fd6cef_JaffaCakes118
Size

167KB
MD5

42aa03bec03f664b51dcd93ab7fd6cef
SHA1

d397fde3c806a214c4f4c8a7434e72b05727db6c
SHA256

b68caa4c9908c1073a28d4bacfa49fa7a1f51dfb17e6053a8de7e484fb97dfdb
SHA512

f4de2516d7ce126333336c2633b9c499cc1533a562ef1f84b9c358886f2b50624a2998a3768f131d77e5c9ed359edf6ca54054fdb0dd0e58dcf5d0f80e7fbe57
SSDEEP

3072:N97Fty/OyS6RVVa2NX+YA9OLqqupTnWW6FTkfsYbZ:LLyG363Va2Nk9mIT2FQfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42aa03bec03f664b51dcd93ab7fd6cef_JaffaCakes118

Files

42aa03bec03f664b51dcd93ab7fd6cef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3qzfcrrv
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wipzk9i3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

u1u4jo32
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

345wxqc7
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

88o99c.y
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ