95f1f1fc39b1ebef079281b56197cc72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95f1f1fc39b1ebef079281b56197cc72_JaffaCakes118
Size

375KB
MD5

95f1f1fc39b1ebef079281b56197cc72
SHA1

e558a562878ca776c1845c65f6cb6fcaabf72a05
SHA256

5cf7a4276cceb13b1439b995478a98d9d2309a7d06b3350582a6e59c1df6bfa0
SHA512

f00afaf152a7e16d7bd5aac3bbce3a3bba6d84acc82e1407e3b5e02fa8cc9a329de3ffa4da1f33f02eacab66a8a11480407c9ee03fe0a985ed48a079c4cacef6
SSDEEP

6144:6OiPJFKHC2TM8fRurYcW7ajfF7G3b4l+OwYlyjEEv+QZLFWCt4XmOCqgCmfDS:6Ofs8fWjf0TYlqvpJFkrfgCmfG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f1f1fc39b1ebef079281b56197cc72_JaffaCakes118

Files

95f1f1fc39b1ebef079281b56197cc72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 362KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ