755f64fe65b7557e6c858017838ffbc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

755f64fe65b7557e6c858017838ffbc5_JaffaCakes118
Size

10KB
MD5

755f64fe65b7557e6c858017838ffbc5
SHA1

47736b895f56595fd60ec88df0916d685883c056
SHA256

b6cfc482abb77b909983d766feb0c4adf757375b4bb25bc58ee0cdfff0625fb5
SHA512

e3d771ff91073d5fb2c1511fe48eb92c8badf67285df9272e6345d89da8dcff133770273fe2d9353c908a6e18aa7d8457e43b959c4d59e5d758df579af53a414
SSDEEP

192:+xSUypsWR0jZhr/j6nkhoWLFeAYX4qZN0vjWqum:+xSbpsvT/2ooWCoqZNuWqu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
755f64fe65b7557e6c858017838ffbc5_JaffaCakes118

Files

755f64fe65b7557e6c858017838ffbc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

CODE
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 205B - Virtual size: 205B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE