712db4b13ca795f14d266836daf5303b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

712db4b13ca795f14d266836daf5303b_JaffaCakes118
Size

74KB
MD5

712db4b13ca795f14d266836daf5303b
SHA1

4b6e78a3c5fd9131eddb6235adffd2db0282f964
SHA256

ec777ae97339661a80554cd49c16bbe9ab724d10caa8d16e6884fff9c867e8f4
SHA512

3574c198c220e2bc13ad6c3d8c3517673a7dee2d3baf400e12440661ea409142124dc155859941465e967c98081c150ad9e9e08155717fbd33cf9374ef4f515a
SSDEEP

1536:oV4gRK1IvnJqqMgihPR69IlaSrxN4cdFTG6Uja7hIZ8McqqS:e4ggfjR6YNn4Pja72Z1Fh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
712db4b13ca795f14d266836daf5303b_JaffaCakes118

Files

712db4b13ca795f14d266836daf5303b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6af582334aa27ac485cbffcd80b58d0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateThread
ExitProcess
IsBadReadPtr
GetProcAddress
lstrcmpiA
LoadLibraryA
VirtualProtect
VirtualAlloc

user32

SendMessageA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SetTimer
DefWindowProcA

Exports

Exports

fgdfgddfgffg
sfgdfggtbfdb
start

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ