7518197cb4fd801f67186609f0568f34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7518197cb4fd801f67186609f0568f34_JaffaCakes118
Size

76KB
MD5

7518197cb4fd801f67186609f0568f34
SHA1

d155444c791ccfc8cd3e694b00c3143373df02d9
SHA256

ad831932fd1ff9ccdb203e92705ed25072dae5caabbd90e8fe746e8bcb027f7f
SHA512

4e1e9596113e83bd9979f0ca56f3b492531ecec9e727164a46d567bde3e31f77eb329ef0275bf7c4ced61b8aad71ddc080658c74de3aa576b6ee3b5d8ab804d7
SSDEEP

1536:vA8AKzN8mQX77t8/sUsluPf32tx8H26habOf:ooN8mQX77GF332i2cf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7518197cb4fd801f67186609f0568f34_JaffaCakes118

Files

7518197cb4fd801f67186609f0568f34_JaffaCakes118
.exe windows:5 windows x86 arch:x86

49d9dff4cda47db05b18499fcbf60225

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
GetProcAddress
VirtualProtect
LoadLibraryA
lstrcmpiA
IsBadReadPtr
VirtualAlloc
CreateThread

user32

SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadIconA
LoadCursorA
KillTimer
SetTimer
DefWindowProcA

Exports

Exports

fgdfgddfgffg
sfgdfggtbfdb
start

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ