8c9ccb77c496e1347e551ea396b681ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c9ccb77c496e1347e551ea396b681ec_JaffaCakes118
Size

220KB
MD5

8c9ccb77c496e1347e551ea396b681ec
SHA1

b632075bf0bc0f5282a0ed5132b4efe6e09513b5
SHA256

6ccc4e5c9c7a38eddf2d513d9b0ad220978d50e4b38861c78e21322088856ecb
SHA512

fcc24c009cc7bc13ea7be45cb88927da39354a604a81f10770c137fd9a634d9744f54393513f40fdf719eb04380670b5890af288b1230bda417a805d1715ffa1
SSDEEP

6144:VQcOLuotVLls3C3cyT1itlfDOZEXmvZAaQNt:SrLuKVLLPEHDOFBAtt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c9ccb77c496e1347e551ea396b681ec_JaffaCakes118

Files

8c9ccb77c496e1347e551ea396b681ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58708828d5c31968bd59859804ecde67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

MessageBoxA

Sections

.DATA
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r2rc
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ