8c78eb6a5593ce319d579a207334d62f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c78eb6a5593ce319d579a207334d62f_JaffaCakes118
Size

52KB
MD5

8c78eb6a5593ce319d579a207334d62f
SHA1

03cbc9ba1c3ce141de615b39704292de052c2d16
SHA256

69af2430196da6e30bd0d5db1d87c549dcdd57174cb164bc07abfbd06f533768
SHA512

99b561ccd1447260d0e56b08c5f4beca5aa9f8233f6b645c138e7a818c216d8fc816186be3cd08485f6c97726a358f4c5d66c862134d09620d3dc0d10e8a8142
SSDEEP

768:3ciqmsSGmvvtfpXwB+jrdclRDrNaCpY/dVgI1BhES6tvLUdoS+IwSy666z666:3jTGcXweCnrw1aI176t4eS+I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c78eb6a5593ce319d579a207334d62f_JaffaCakes118

Files

8c78eb6a5593ce319d579a207334d62f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

228a3830cac5334c4716fdea72201ecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
GetTickCount
LoadLibraryA

user32

DispatchMessageA
TranslateMessage
GetMessageA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ