976828b98fbb038b7cc011051327175b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

976828b98fbb038b7cc011051327175b_JaffaCakes118
Size

2KB
MD5

976828b98fbb038b7cc011051327175b
SHA1

780247d514b516ab255613d14e5c2d2f7c187eb8
SHA256

9085bafca2da70451b57bf4b475518e415812158cc9bdc2b21905f3a1d99a0fc
SHA512

1a8cd006059681414e411fd03e05f5295ad81b8c0b9218061501f612f2921d4f9c27fefdc1aa6ca0ddf5403e7558c4892f133181bea7b95c8be335e1df9cf404

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976828b98fbb038b7cc011051327175b_JaffaCakes118

Files

976828b98fbb038b7cc011051327175b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fe5045d57ab1bbb47d12e655a3b0ddef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
OpenProcess
ReadProcessMemory
WriteProcessMemory

user32

FindWindowA
GetWindowThreadProcessId
MessageBoxA

Sections

.data
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 339B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE