76aff3dbea09bbf28398f41b38d710e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76aff3dbea09bbf28398f41b38d710e2_JaffaCakes118
Size

582KB
MD5

76aff3dbea09bbf28398f41b38d710e2
SHA1

4481e6e1aa9737a5217d7611687885213b0d1d32
SHA256

84559250d2ba8d957550c0da2b1497cbed52c03754c1ca62727004a171b4f2ff
SHA512

d11e8e1fe9ff0d31adfa160bca50a9900bc6b81787f26a9146d2a7bccd4cb48ec0da7365612251896f22f7e66dd40496260f6acbf4930f87700707ed47f11adc
SSDEEP

12288:uheBSF6KlIuAcHIeoe2pBYYoU7xjk7dtTumDSc1RYTkH38gvW:uIBzCXHI1b7o6MtTVyT2pe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76aff3dbea09bbf28398f41b38d710e2_JaffaCakes118

Files

76aff3dbea09bbf28398f41b38d710e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.m7aegoq
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

laqysuaa
Size: 353KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5q3z3ols
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ