5a888beedff7a0e8ac6530b05b11ba6a_JaffaCakes118 | Triage

Sharing

General

Target

5a888beedff7a0e8ac6530b05b11ba6a_JaffaCakes118
Size

192KB
MD5

5a888beedff7a0e8ac6530b05b11ba6a
SHA1

5217d4d89e4eeeb52c37a8db5551996c7630f3f8
SHA256

3bff43a10e9a9e06d0eafb9fa6a14dfb859ad79cba4fa328c1275a73fb489535
SHA512

7ac984279b47b7c0c41193173728d7c5e785ee31a40007a3462d327cf8dfec9a6745010012456280b933537248bd9890ed1c56631fe371b5b19a1ca719685ac1
SSDEEP

3072:58A9dJzCgAOQKCBZoeGiJYUfzaKK+gVLx99M7oGn+s3KyPvnuUQmUeXdcLhRJ8G:58A9jCw9s9ZY3jjGn+YpuULUeX+L7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a888beedff7a0e8ac6530b05b11ba6a_JaffaCakes118

Files

5a888beedff7a0e8ac6530b05b11ba6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd81398dc4991f2840c355c1d92baa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

R.8:"Ag]
Size: - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

JVST:G\W
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Gu_3$'mu
Size: - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:2>axF-C
Size: - Virtual size: 636B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

mk&/=hxq
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

3`q:w2V/
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)KImq7u+
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ