76446cb67cdbef556ca0c17e2f682baf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76446cb67cdbef556ca0c17e2f682baf_JaffaCakes118
Size

372KB
MD5

76446cb67cdbef556ca0c17e2f682baf
SHA1

3438cf9cc8917b3b2ce6c0bbbacbdfa70c2dd48e
SHA256

e8912bf0678af976fbe0b57c3b4361651c253ca6bf7ee25954923f7c2cb4bffe
SHA512

113e0d11fb74e16583c14235a3706843d443b42389777fe241ebe36b611f3849a921400aa7346845a00e9600b81a0c1159b10a155412c8a3922eb8c049c9630d
SSDEEP

6144:tiq+SVnh00BsdIt/ogn1fHuM7il2xqQiur49xU8BYZvOzmus3uiEWyIHg999cmR7:tbVni7qtvfuM762xqyOdYZmzLEyog1c+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76446cb67cdbef556ca0c17e2f682baf_JaffaCakes118

Files

76446cb67cdbef556ca0c17e2f682baf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ