4dfeb6a8e50443d792b9795d5eab5e4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dfeb6a8e50443d792b9795d5eab5e4c_JaffaCakes118
Size

579KB
MD5

4dfeb6a8e50443d792b9795d5eab5e4c
SHA1

85a8ed5b8f5c6aa7a81d37c14c78bc4aeeed8332
SHA256

b6d9c3e078fc3f5e40a0273c2e1fb5de4cae8bedfed21bc1ca827621d29df5e7
SHA512

e90795c1f252a4fab932857d9352c62d87b95af07b7ce36b860058d6c2a16f1cd9592002f14f926863724a584f4b2840c1a5e0f8edfed44c09051739162558fd
SSDEEP

12288:ux2BIF6KlEuAcHIyxzCQ55gvAEhPmTGa0lMNxvY5Cxwad:u8BJCLHIyxT5Mhuqfl8QwxN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dfeb6a8e50443d792b9795d5eab5e4c_JaffaCakes118

Files

4dfeb6a8e50443d792b9795d5eab5e4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sd2pjisy
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

zw7q9f8y
Size: 349KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9mdc0igq
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ