95459fb9b7279857654f194d58261424_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95459fb9b7279857654f194d58261424_JaffaCakes118
Size

309KB
MD5

95459fb9b7279857654f194d58261424
SHA1

a6cfc7d717f92d22c09c4627a48da7506ee44cd8
SHA256

037d19f35e2af430527ed3b087b622b5bf22bf50adedcbe1359d3daaa5baaca1
SHA512

f6fd0be1ced637749af266501522a36e92ecefdfe3ae08c869d068c7c0d8113e8c8d7023ef16d24074e3ee431a67e38c7c4064b7369d45fe47cdba6a8aafe8ee
SSDEEP

6144:J+Pkze6EvbV0oDcB/4j8QDrWf99+21d6nhVRn0CMzlx7jBFe:MMXEvbPD8YSf9Q21dSl9MnjB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95459fb9b7279857654f194d58261424_JaffaCakes118

Files

95459fb9b7279857654f194d58261424_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

w1v32w1c
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lj1cfrcf
Size: 291KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dnxuhknk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ