61e2b8c3c3c4556416d951e404be3046_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61e2b8c3c3c4556416d951e404be3046_JaffaCakes118
Size

237KB
MD5

61e2b8c3c3c4556416d951e404be3046
SHA1

a670e5442d12816bb40cde3027cffa20747747ac
SHA256

09736fe32f48eca08f3dfcdcd2cd9c271fa40e63d4fd00004ea11b0f7fe625b9
SHA512

25fe603b6de9027ff2d2babe9dd9aea468c94b6d5b9ac47e91866d8b6694361db4c212852a3c9674255461d694d217bebc03112ec1b5d6d02520406cea93d79c
SSDEEP

6144:I6wV7TqZ2Szzf/kfzKKS8Dfd4OUhzNhOve:Ih7TqZ2i34Kx8DfO5hzNMm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61e2b8c3c3c4556416d951e404be3046_JaffaCakes118

Files

61e2b8c3c3c4556416d951e404be3046_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cv8q0b3
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xjvzd8ry
Size: 232KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r9j08nxx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ