a17cbc98307e6eaa4cb98282946dde58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a17cbc98307e6eaa4cb98282946dde58_JaffaCakes118
Size

247KB
MD5

a17cbc98307e6eaa4cb98282946dde58
SHA1

cf137f96d0fcb6fb49b24fedde958f8580bb0e61
SHA256

1273305783595548bc414cea80b82c968f1a57585819cbd5c398e3881806fc3a
SHA512

0e31d7dcc9f6026ec1fce76730e3a02554003b80f34a5a6a56849d19ae21a151af00a2951299c9bd8b948d3d671c02a10d43f58da96cd1d40086b8c7e721026d
SSDEEP

6144:4bovFcSqzN9gdXpJ8a2Q6M5eQmVMQBUtNs9LQaWYGaNb:44FcSO7UQ/45L/Usl3aNb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a17cbc98307e6eaa4cb98282946dde58_JaffaCakes118

Files

a17cbc98307e6eaa4cb98282946dde58_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 133KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abvofzul
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uaofsvvf
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

arh8zyji
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w4rxl0y
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aadb5fqf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ