740b4c63e3913278d252c68015d2179a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

740b4c63e3913278d252c68015d2179a_JaffaCakes118
Size

196KB
MD5

740b4c63e3913278d252c68015d2179a
SHA1

02d421cfee251d613d042f4b476f29ba886d4f8a
SHA256

ddcb89bae42a23c319e418b9a5ab5ca25f3f8fac65cce6a37a31c65f9c59cbeb
SHA512

55c73914bc77fd35dd4755822ac7799c19f2bf54dd60815e4b95f0388fe6d17d289ea010f67112cd443a526a039704ac88b4f3bc183fa0194d24406cbea90ccd
SSDEEP

3072:qLHuh6AH3Op8FRc3R3r1GFu44aLdTkQKqlGpJ6ciqn+EgkuIg/YYdIZxq6zjCj:mHs9XZAVx4rilqe6RILgkuAYKXCj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
740b4c63e3913278d252c68015d2179a_JaffaCakes118

Files

740b4c63e3913278d252c68015d2179a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 134KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pr91.vo5
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ycuz8wg.
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7z.jd2ds
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ