64944b34ace5cca3c3ed4a04102d3055_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64944b34ace5cca3c3ed4a04102d3055_JaffaCakes118
Size

14KB
MD5

64944b34ace5cca3c3ed4a04102d3055
SHA1

10307a83784f2909378a8e63b971a7c41d7aaa00
SHA256

63d419e874ae5f5d35695dd226b4406352332d5c645f93dadb0b9773d455e5ea
SHA512

962dc7f02eef2e6110e5b528eb13820f12b45c20a75368330dc602dc3446ac260929a2a1bd8c13c0ae52adcc35f04e7c2caf303de023c82a82b491220946e83e
SSDEEP

384:ZzxvYVcj9zTM9Ok+teApSlUZNdXuAAXLr:ZzFLpzTOOk+tMlmbNELr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64944b34ace5cca3c3ed4a04102d3055_JaffaCakes118

Files

64944b34ace5cca3c3ed4a04102d3055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

.code
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE