82f49286c18e298705b53e78c4ba0456_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82f49286c18e298705b53e78c4ba0456_JaffaCakes118
Size

60KB
MD5

82f49286c18e298705b53e78c4ba0456
SHA1

d0fe450ed8ce0fa235eae3ade395dd4452f11d16
SHA256

eccb14b5014334e1cfe4f46cf34124b0c216803204cb6a353fbc2a17e71e0308
SHA512

e77df878065a10dff8e0dee02cfadb2efd778587bf578f11d4d58238586483872b19fdbc134c67bf17a560a651e320bb23877b3db97997da700238aa8329cbc3
SSDEEP

768:CB+S7CX5BaJOLCe4ptAZ+bdn06DNeojidMNllaATP5WiBSvujCtYzSMl:ch7C7Sg4fAYbRTYoi2NllXPcI+yz5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82f49286c18e298705b53e78c4ba0456_JaffaCakes118

Files

82f49286c18e298705b53e78c4ba0456_JaffaCakes118
.dll windows:4 windows x86 arch:x86

372cb1afc2a93c932bf474b9fcb8cb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 32KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprl
Size: 496B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.asprsc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ