a5f788257de84ff8a5fa3ca9487e8b4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5f788257de84ff8a5fa3ca9487e8b4d_JaffaCakes118
Size

1.4MB
MD5

a5f788257de84ff8a5fa3ca9487e8b4d
SHA1

ee756498604b200006bf33c315e0b5adbe68d0c6
SHA256

914c0da4462bfc7b741546a4ee96efa13d8853d1df6ac4117184c80c1116c3f1
SHA512

dc677bee2a925e887a1719264087f613c02b217ecaa4cadd6a8b5dc599134e620c0e34d039c49598622d6875fdfd0dbf9b0cb66069eef8634506c0e4687e8125
SSDEEP

24576:ZDgKEaS7xaiBuUgy4Rsn4QBw6g7ktlFG7Shpxu4pqgUoC9ps3xeY1Ga802kPOaj5:ZJwAiBuFyuZQNDG78j4dJ92M4Ga/P1Ku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5f788257de84ff8a5fa3ca9487e8b4d_JaffaCakes118

Files

a5f788257de84ff8a5fa3ca9487e8b4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22deaa3e5166e3019a02358581c9a9ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
ExitProcess

user32

MessageBoxA

shell32

ShellExecuteA

Sections

Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 76KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 583KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svkp
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE