Static task: static1
Behavioral task: behavioral1
Sample: 4db4de7610ed1254e1a8ff4378d1907d_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 4db4de7610ed1254e1a8ff4378d1907d_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4db4de7610ed1254e1a8ff4378d1907d_JaffaCakes118
Size: 144KB
MD5: 4db4de7610ed1254e1a8ff4378d1907d
SHA1: 74a1fb44f4022865b2e8b09fcb3a6e9c8ef24e91
SHA256: 5bde13a21b39e545ea7c9e294c6c780fe34c4411075982188a55f7a3e4c7b73a
SHA512: 29f01d2dd7380ceaca1b2e10a47dc6f57dd2de8c5b3eca07df16c482b59413335ac369733466ab26c549a04c9ff025099f1df7f1ad12eff759d45d3809238cf3
SSDEEP: 3072:kaueQ74Zcm3ueDD7PPYOI/pGOuGoDMAEnJthyEiRf2GR/r1:vuPDlamGBGi0thyEy2KT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4db4de7610ed1254e1a8ff4378d1907d_JaffaCakes118
Files
4db4de7610ed1254e1a8ff4378d1907d_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
M"IG(xit Size: - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
<x)[*m$J Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
&WXEB+U? Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
A__(;'Fj Size: - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Ga:`^e,5 Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE