4936e321356641e7021f7bf5643a0a40_JaffaCakes118 | Triage

Sharing

General

Target

4936e321356641e7021f7bf5643a0a40_JaffaCakes118
Size

8KB
MD5

4936e321356641e7021f7bf5643a0a40
SHA1

f30f5568a4679ea0532bf3f8e1638081a9ebb0df
SHA256

fe0cb88d5b1d73691fe26adcada95e208dcf5c5d5ec9d52e365b2e3c71ef0ada
SHA512

ec29125ad325e8b2e724d8e43a9723f8cde5ccd7a813ca2afcb9dc434788c5644f3acd89bf39985bd8acd742ab1e4eb40bfa3423a9146a5427d66a180389cf5b
SSDEEP

96:JdeIzdlAGVz69Jwm9sVGph8lj0q40J9YKEO49oxuaWdD0UF5IDNTwsqwVY07nzH:Jd5xlZz69Jwm9gGbq4cYKJ49ooaoCzH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4936e321356641e7021f7bf5643a0a40_JaffaCakes118

Files

4936e321356641e7021f7bf5643a0a40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 336B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ