8405e8dd521396a90494701ffc2ada0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8405e8dd521396a90494701ffc2ada0b_JaffaCakes118
Size

63KB
MD5

8405e8dd521396a90494701ffc2ada0b
SHA1

c8febd5f50c4120367791dc3d2d19255fe47a0c0
SHA256

fd05fbd9d56b40ac70f322858bfaae16838c17a9d0b1d2eb896e387795c893b2
SHA512

0ea54440a23f1fac50e97023357cf545350058809ee8241f48467d82b7a23dd150bfe9222909c88024697218a7309ba6999289eb4654055e342a7ae6241b6a94
SSDEEP

1536:CNZHB5seNUhAZqLK4ZXJGtIWopVNZ1EFWVpa:CNZJ2HLBXotIL1mog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8405e8dd521396a90494701ffc2ada0b_JaffaCakes118

Files

8405e8dd521396a90494701ffc2ada0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99f5b0b723d6fca2813f516623081e1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
GetLastError
CreateMutexA
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE