72c3eb8350ee3caccd9cae0c5f995bc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72c3eb8350ee3caccd9cae0c5f995bc0_JaffaCakes118
Size

526KB
MD5

72c3eb8350ee3caccd9cae0c5f995bc0
SHA1

b53e2ae1c1a7388f0e96410b436ce9d0880eb5bf
SHA256

2a88f964853de5c134c6e9c2fbd3ec256a764492196f9799e6ce8c796a62759e
SHA512

9f4b81142bf0d3551f13706aa4d22abaf569dfb7542d87f2c87553bb2049fb092b15e137f60b54b1bba895ead461d74ea78890587d05808813de256d9a61acaa
SSDEEP

12288:fcHd6xA4ROriT0uonxt1eF33fPnP9YP9wRY00onTV8l1dx3pT:4Jy1YDb4/YFMdV8JT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c3eb8350ee3caccd9cae0c5f995bc0_JaffaCakes118

Files

72c3eb8350ee3caccd9cae0c5f995bc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46b0675c1fd7681c7b19a1c83d5aff83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

��
Size: 516KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�l��
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�h��
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ