65fcd49bcc67bcc6cbc3b3749d4a2572_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65fcd49bcc67bcc6cbc3b3749d4a2572_JaffaCakes118
Size

254KB
MD5

65fcd49bcc67bcc6cbc3b3749d4a2572
SHA1

92d57c9c596c501fe2056f7c479d75d2ebb61a0e
SHA256

8ce5cf9b181f5bd50ca0e42d290d4ad308ba9c732cb956774395d3a46f7ea301
SHA512

74cc4a56229b490da74f69ab01a5b609a00f911071dac8975198c793be44a1b59735e834d32624f65c1cf646e914c4f84ef4c012d5f4acad10ccc7e5e51760f8
SSDEEP

6144:dDikkgXdVhyDFHb3AUg4CccCKQuvWBLa30lA1+EraacUBOB:PkgXDhyx73/CcjIvW4ElA/NB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65fcd49bcc67bcc6cbc3b3749d4a2572_JaffaCakes118

Files

65fcd49bcc67bcc6cbc3b3749d4a2572_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9..4mk00
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dljzmdyo
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4qu113ub
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

d83c9aa5
Size: 250KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6vjdbm37
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ