6a74200e48532458580ed669b90bfb49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a74200e48532458580ed669b90bfb49_JaffaCakes118
Size

20KB
MD5

6a74200e48532458580ed669b90bfb49
SHA1

ea7b051497102178ffcb4b80d0883426a092e050
SHA256

47d79f3e4d1ff28a3019739de5ca1939059babd4f463495f7525b27788d37843
SHA512

7e1eb3d730e6b0eda5f69fc328654f19480c284699a64f8f519d4fe7fd4f278b385651c4dedb1e6b253a151a55619644009b672f948f379ebea8966a7bc59ddf
SSDEEP

384:ptZ5Q/clDjTO0xm27aPEdYItw1IIRQ1LrGH1w9CkFViYnQQ46+NIQ1wfei:pC43TOep7/+S0Hi1L0m9CkFViYnf463n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a74200e48532458580ed669b90bfb49_JaffaCakes118

Files

6a74200e48532458580ed669b90bfb49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a30896f71a9b13e311ac23ca50d4c5d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess
ExitProcess
VirtualFree
GetCommandLineA
GetModuleFileNameA

user32

MessageBoxA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
EndDialog
MoveWindow

Sections

�n
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE