6975304c5fe6b42966202b5fc2cf7a51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6975304c5fe6b42966202b5fc2cf7a51_JaffaCakes118
Size

528KB
MD5

6975304c5fe6b42966202b5fc2cf7a51
SHA1

a3471560d16afe682d964c548237e042569b8821
SHA256

f22c6e29769eb37b66b3b25fcc23e4a43a10ca6944b5aac7630b14d98b288fde
SHA512

7134c97c53c0be8b3026239f0bd199ffb535db444828ed949858edb14ff8fd1ab41afc7b5ba6b1ed229bc178ade92e79ee6d9e2faa2066932127e2702ad2ea64
SSDEEP

1536:4fiFCzPHFlmb9hJ4ftrgbH2DKUdQ0CIbvDm08X9JEBDaeGO83VYocyC77G:46YzNshJ4VrgbH2+UnCTtTUaeMuya7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6975304c5fe6b42966202b5fc2cf7a51_JaffaCakes118

Files

6975304c5fe6b42966202b5fc2cf7a51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a890634ba40e641f1c5dd2bbe5108611

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

user32

TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
TranslateMessage
CreateWindowExA
PostQuitMessage
EndPaint
DrawTextA
GetClientRect
BeginPaint
DialogBoxParamA
DestroyWindow
DefWindowProcA
EndDialog
DispatchMessageA
ShowWindow

ole32

CoCreateGuid

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jeulhmw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE