74264a0518d8206e8028bb09f7e145b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74264a0518d8206e8028bb09f7e145b7_JaffaCakes118
Size

32KB
MD5

74264a0518d8206e8028bb09f7e145b7
SHA1

39e618fb09baf13949fb12dcd5d1d63d7dd11736
SHA256

4591c7d2fea5aed3a52acf5c4f7641f21a96d2c598b1b0d7837331c15e54d224
SHA512

3859f8fee9570edf5116535dc9f4a3713998100b56b92c1fa1648aedac26afef807d14de2f0c7cafeb86f14ad572dfee1ee780b454a7136e93a22103d130ddd5
SSDEEP

768:/LbaDl0pO6FOKh/7HgNQCGwQcFM6qsd2QIyKFjiIk:/SJCOGhUNW8d7I1FOd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74264a0518d8206e8028bb09f7e145b7_JaffaCakes118

Files

74264a0518d8206e8028bb09f7e145b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d3e34b9f784ee256713698990aede3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

�!
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

S
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�e
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vU
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE