6ac7432ec2866d3890d054a8f4ba92b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ac7432ec2866d3890d054a8f4ba92b9_JaffaCakes118
Size

202KB
MD5

6ac7432ec2866d3890d054a8f4ba92b9
SHA1

8be37a271ace51358f116aef16609d5a3bddf583
SHA256

419227c12493f7dcb1ce5ca06a5a504201affe8d9860f84ad8d1679491bfdc37
SHA512

0d7778e2855f6909c4e182736ce6c8e112f96b12c19c146b89de518f883b7954a116b023efb502769f29068bc4a1cbe39b2ee251cd857875a5baca976f123171
SSDEEP

6144:TH9uRIAFGmXn+uuuM8RlizzJJlmhQ6xUR:D8FbXnFudFQJxU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ac7432ec2866d3890d054a8f4ba92b9_JaffaCakes118

Files

6ac7432ec2866d3890d054a8f4ba92b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22deaa3e5166e3019a02358581c9a9ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
ExitProcess

user32

MessageBoxA

shell32

ShellExecuteA

Sections

Size: 42KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svkf
Size: 143KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE