7184c86544518115d50527a9ede6180b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7184c86544518115d50527a9ede6180b_JaffaCakes118
Size

409KB
MD5

7184c86544518115d50527a9ede6180b
SHA1

0037444f5789aae11b6943af16158d31488fc847
SHA256

1a6b3324ab5b9f1e68366f9ca6a8215b751729d2c8ddae3556adb6d37e2441d7
SHA512

b4d8e527817f104b160b87de5fcee3300e3b72c0e1b04c661a70489c9dc401987d86178d484958abce3a7651a530d20311ae7fba6c07e6ca3cff911b0d922076
SSDEEP

12288:3gY3X6yq1Q9J2SE7uzKv2UTj5IFiYlJ3j:wpyqmJpzKv2U5oi8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7184c86544518115d50527a9ede6180b_JaffaCakes118

Files

7184c86544518115d50527a9ede6180b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c45c85361b11b86091ee6937f366aeb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

user32

wsprintfW

shell32

ShellExecuteW

msvcrt

free

Sections

.text
Size: 407KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

linghun
Size: 62B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE