42b9f6e1de3e58e10975752fc4c2a8ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42b9f6e1de3e58e10975752fc4c2a8ad_JaffaCakes118
Size

324KB
MD5

42b9f6e1de3e58e10975752fc4c2a8ad
SHA1

ea12645b027f69910968174ba769cc7a859e65c3
SHA256

bbede356148228c8c477bf5e0981e907e5a45433cdeffec420d4ccedb8fbd700
SHA512

0b87a522ce6d6d4f72166708cda99159649b9254a4dd94e753ded0b7d4058de6a43c73669f7e81d39696456368799288681e70f19e4a8f82f8134b4ab8fcd045
SSDEEP

6144:UqKvzui0sYuNM7rYu0jDLvktNrWWn6x+h4G5PDD29U4ABaG/GW678L:Vgzui0spNgr3WLvck+O2PZbay76QL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42b9f6e1de3e58e10975752fc4c2a8ad_JaffaCakes118

Files

42b9f6e1de3e58e10975752fc4c2a8ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00e6cd2e44e7507b6c5f7de1ab9d21ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
CompareStringA
IsSystemResumeAutomatic
OpenEventA
DeviceIoControl
FreeLibrary

user32

SendMessageA

Sections

HbpMlJrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

uuwZnSbL
Size: 4KB - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GBPyGHxO
Size: 272KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE