48581d48b10d211131275ae6b7dd0b77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48581d48b10d211131275ae6b7dd0b77_JaffaCakes118
Size

445KB
MD5

48581d48b10d211131275ae6b7dd0b77
SHA1

2e656413d42ac05d96cde4663fc5757da23292d6
SHA256

7842f3ed012ba19f724a1e500a59f98909bbbbb400c6f9f0a464f726ce62c42b
SHA512

f7c3eb94764e6425a28c105c1f7908003c99eedf2d8bbff6fbdb159d582d325d5342017fe5d26fc749d2ed27af5f70ed89414d69998519d88d060c57b2c4379b
SSDEEP

12288:7lLYHOdBlOd9+EsisjjKX+I2b4mxNfMf1yDC:pYfkfjxI2LxNf2j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48581d48b10d211131275ae6b7dd0b77_JaffaCakes118

Files

48581d48b10d211131275ae6b7dd0b77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lb8kyxqm
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3gd61jf
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4tu.gec5
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tsav7vx3
Size: 427KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7g159cy3
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ