77295adea556689fe0e8240ea738fc8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77295adea556689fe0e8240ea738fc8a_JaffaCakes118
Size

501KB
MD5

77295adea556689fe0e8240ea738fc8a
SHA1

22a1a8fa008b4876acdd834e2e19da4284e98d04
SHA256

b8ed3a7dffc856da74743ee9806b724230bec80dba0e69d11af780d6c7dbddda
SHA512

571bcdadd0dd69b12b0d94a63dfe88ff8d16d0133c0699d72dcfa676a33d299fb78e191279178b18f8cacc2c90dcb8db7ca37e905a026d5aee6d7e7678e41dd3
SSDEEP

3072:3ZqFBHMoSn0gKRu76Q0U2bcgvDabRkhealS:pqF1MJn0pu7h0LrvqQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77295adea556689fe0e8240ea738fc8a_JaffaCakes118

Files

77295adea556689fe0e8240ea738fc8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

076c4d43a508f235ee2e6f286393ede6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

LoadAcceleratorsA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
GetMessageA
CreateWindowExA
PostQuitMessage
EndPaint
GetClientRect
BeginPaint
DialogBoxParamA
DestroyWindow
DefWindowProcA
EndDialog
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
ShowWindow

msvcrt

??2@YAPAXI@Z
memset
??3@YAXPAX@Z

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE