84b5af9b294ded9448bf53bd0ed53f7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84b5af9b294ded9448bf53bd0ed53f7c_JaffaCakes118
Size

230KB
MD5

84b5af9b294ded9448bf53bd0ed53f7c
SHA1

b074b04b0dfda48bc4e280103dbcd86779c12e5f
SHA256

e6205dfe7d3dddf731865b882b0b6c317ecc8a506db4c2500a14d09c8d835755
SHA512

bcfde516cfce71be7d7f79af76a9c1577fbe531b829b1b86e0ab5c1b6c0f4de999820e5b88c867fd4deca7b5de7776c57b75e7fa97b8688fb004a97e2fcf2e66
SSDEEP

6144:sOjNufEgnKD7Abnz3ZU+QIH2A4Ha9huqFn2NzJ:lAEGG703Zjh/4Hmvd2Nz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84b5af9b294ded9448bf53bd0ed53f7c_JaffaCakes118

Files

84b5af9b294ded9448bf53bd0ed53f7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 145KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zbn8km9t
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

88cb7q9z
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tahbw02y
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE