44fdf5beb1e1250da91c2860863d73a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44fdf5beb1e1250da91c2860863d73a5_JaffaCakes118
Size

246KB
MD5

44fdf5beb1e1250da91c2860863d73a5
SHA1

543e070e0655427605b9edef605e351ebc6c0e75
SHA256

9dde3e19f414b49778187f63fd140f79c3a420b1baa88d64eaab08985b959912
SHA512

0ae712c3fc2e58e451a3efadb65f266f625167f5c48583819ced9a4bfb0228b5fd4723a652090079c1a49e56f28e5827a22b4096be2b4db3b8dcffd9a830e7d6
SSDEEP

6144:pMZwOMbtofsrrXBh5b7jd+qVh+Uwzz8UUjEDCxkUnMdo:eZwOM3f3hPdt8UMAU9DCM6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44fdf5beb1e1250da91c2860863d73a5_JaffaCakes118

Files

44fdf5beb1e1250da91c2860863d73a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 137KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bx8q8cag
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9la3lplf
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jhp5ll35
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avxjp6z4
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tenb5bfl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ