6a934e819b653c649d3cf6347a4c8674_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a934e819b653c649d3cf6347a4c8674_JaffaCakes118
Size

260KB
MD5

6a934e819b653c649d3cf6347a4c8674
SHA1

a589525271ac2d45d72f085d1ca5b925089a38db
SHA256

1fa31a75b62f8a720a0e72309a9aa0ddcc58f1e38afb5ee2a026d9a6275b4772
SHA512

70037bdd7806f849545c1670e2b1e0aa0505fa9393da954097a58455b88363a508c78211e4f2677caeb04f88109abc0c61bd86e08f199bd54121d7d0283b68bc
SSDEEP

6144:IQ8CdYQqJfzumWhTQICBrzpV9OlH+2WX7WWOt6c07Xu3xqWX1MeUOh:mKqJqniICBrzpVslHpWX7Wzt6c6+mex

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a934e819b653c649d3cf6347a4c8674_JaffaCakes118

Files

6a934e819b653c649d3cf6347a4c8674_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 137KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6wkr05cc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0drtcaby
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4jx5uy3m
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yfr2riwt
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9t57na.n
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ