69efe4335beb50f558d979df647f1bf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69efe4335beb50f558d979df647f1bf0_JaffaCakes118
Size

438KB
MD5

69efe4335beb50f558d979df647f1bf0
SHA1

2ba4b79e687bf7ebff0ac26743d94c0c8f4a8f29
SHA256

86f6bed88e722dba7bd4a66ff67dfb08a2fe65f67095700003e143c67fca119a
SHA512

a78c1da34c69aae1220c1c9726b1d3839365316edc596bfdc97120f110b7f49fa911779ed0869567c4865a8c51a5f4d3123d2db46a27c068de57000ad60ab079
SSDEEP

6144:ueOrHSIktiU4OPVYxf+2zWtuAcY3kVKIQ3IpGlqy1fZXJsjzKY9kpWJAuFOCdvZi:uRz+nd6WltuAcY3Lllq85ulupcPqox6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69efe4335beb50f558d979df647f1bf0_JaffaCakes118

Files

69efe4335beb50f558d979df647f1bf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yfzhhca8
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

mp0gajrz
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m66m0b6.
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ