6aa6a504696f9d83f79e46b02d19edfb_JaffaCakes118 | Triage

Sharing

General

Target

6aa6a504696f9d83f79e46b02d19edfb_JaffaCakes118
Size

687KB
MD5

6aa6a504696f9d83f79e46b02d19edfb
SHA1

a7c2f12c390a38528cfde74b5bb304cf94de7a78
SHA256

28b92f2b7cd150d1dba61c3bd0142e75c72c8ec5c84739511820b02540b4ced0
SHA512

44753b5385b2155c44eaa801f1dda761f27e28391c92e9328c940c4b33f7eab258f977eb7f952e32fd60f73e501bd2dac2a429080debec8a403bb26cf66538bc
SSDEEP

12288:W93FMJLFP0j6dOqPcGjbmQslyrVZbUdTc/aRZ8anQwS6vWQi+VuMawg+4jsgXbTm:w3aJu6dOqPcWbJB4uyQUvW0VawgRjtXu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aa6a504696f9d83f79e46b02d19edfb_JaffaCakes118

Files

6aa6a504696f9d83f79e46b02d19edfb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 720B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ