64d96088acea7f75b16682295cc343ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64d96088acea7f75b16682295cc343ce_JaffaCakes118
Size

443KB
MD5

64d96088acea7f75b16682295cc343ce
SHA1

cad087a48e3cec91ff3932d5d87a05d397a43a3a
SHA256

5b35322f4b205c45f87640e22b697d4936fcea3161e2564c812ad2b1d21f7854
SHA512

332ff45832eadb996aff3f7c6a5d7791bf063b1c04740a5b7f5d6e3dfe496b46cfb7278e52b0e86fa0af3c6c79466539d74f8a0444027da5dc3f298f31444a05
SSDEEP

6144:22dgIyo0Kw/wMMPpqOvcsPVhEOGnIgK54IQzeeeL4/Q:5uIyo0D/wMYpqO0szEnIgKKM4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64d96088acea7f75b16682295cc343ce_JaffaCakes118

Files

64d96088acea7f75b16682295cc343ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58708828d5c31968bd59859804ecde67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ