823fa84a90ffb0d06fcd5793d0a371f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

823fa84a90ffb0d06fcd5793d0a371f0_JaffaCakes118
Size

1.6MB
MD5

823fa84a90ffb0d06fcd5793d0a371f0
SHA1

da4429145f889d940e92849eed3a4a80c43272c5
SHA256

ca1cbc364d2bd57e1ca201fa5fb3591122fff0b1e372c79bfab3e27b787b27b1
SHA512

c0b4c5646639dcd3410f51a60a64778ce8fdf7dbdd5f40ea0a652b70ba7d4769bd5e371c948a5024ad13f15f891b53916b56fad4ce922b4703dc2b8c04a7c1db
SSDEEP

12288:v0jNLE7F81VzfenXDclJ5+bpY6rmsrVCj0YglN:2NLOKzfeXwlOC6rPrMYYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
823fa84a90ffb0d06fcd5793d0a371f0_JaffaCakes118

Files

823fa84a90ffb0d06fcd5793d0a371f0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE