8b9298e9016df46303e34e7b3a06956d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b9298e9016df46303e34e7b3a06956d_JaffaCakes118
Size

378KB
MD5

8b9298e9016df46303e34e7b3a06956d
SHA1

983d58d73e8419ff03bfe3049dc0eacbcf168398
SHA256

dd48469f1eee0b3e86bbdf1e4817bc6b83be3243c72e799a66048d6a189f2722
SHA512

6a2260062142e3238cea5bac097a7f35c93e83e84f2d5c9d54e78edba72cbc49e0509031658ab27bcb5216970a1be59e7cb568ca4c8b7cb7b70ca1d435316581
SSDEEP

6144:XZA0b/v+SUgC8APQAXnWyHvtXv6LN3EzDz+zVG3scXjcHgdWJFVcP3gpaOqLps:pA0bH5bAxWyPtXy2zDD3scjOKWJFCP3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b9298e9016df46303e34e7b3a06956d_JaffaCakes118

Files

8b9298e9016df46303e34e7b3a06956d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

k1yd1hr5
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rikgduzv
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bdmdf1vr
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gmwfm0kd
Size: 377KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE