a615a74a89a1c9b2bd9c726f4d662734_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a615a74a89a1c9b2bd9c726f4d662734_JaffaCakes118
Size

67KB
MD5

a615a74a89a1c9b2bd9c726f4d662734
SHA1

deacb90ca653b1f456f56e7b0f4738f4ff38239e
SHA256

01d278941fa1da5dec43ebc77e16062d6867d09a95229f39e7fd19a7d6864928
SHA512

05dae67429bb6ae6f246b16b2040f50a1260ecf4af67f395414b58258552ffec09888c52d79d59dba0e5ae214ad15c95d947ed1ff00819b1578db1a3e8314d9a
SSDEEP

1536:HuHBOqDdUwC2AVH+wDxPDsUnKntZ+EWAnTj42LoFLMBF:OLJ8Fhu+rkeMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a615a74a89a1c9b2bd9c726f4d662734_JaffaCakes118

Files

a615a74a89a1c9b2bd9c726f4d662734_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.....
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

......
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.......
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ