Static task
static1
Behavioral task
behavioral1
Sample
684a5a292e22c161cc3476b6bf02e188_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
684a5a292e22c161cc3476b6bf02e188_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
684a5a292e22c161cc3476b6bf02e188_JaffaCakes118
Size
148KB
MD5
684a5a292e22c161cc3476b6bf02e188
SHA1
4cafbd319abcdb46a1d11d3b02bf6c53f26b6940
SHA256
ccb2cbff324f402087392fd12aa42c43a169a32ec7a59085ccc6d2b4965b4fdc
SHA512
7b8c1ec33053c0447dba0745575e571fbeb75211770bb68ac18dcf7a793696d9164e3ce20020dadcbd41bfd7fcc5b37c85a690b0380eaa58224dff091e54820d
SSDEEP
3072:z7ttheM/kUAqpnBdj0D1o6eZJv4ixIWYNsXrIMoWvsCPzyjjxER5q/n+y+k:z7tTeM/k+MDleUiCWYNEIvKPzyjjxAq1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 684a5a292e22c161cc3476b6bf02e188_JaffaCakes118
Files
684a5a292e22c161cc3476b6bf02e188_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
k=?w:Kp` Size: - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
]5Ny. >L Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
J-gw.3$U Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CD(Qkn8g Size: - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
X,8CSlvY Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE