aa48515c1910e4a5e74715069e0de5e8_JaffaCakes118 | Triage

Sharing

General

Target

aa48515c1910e4a5e74715069e0de5e8_JaffaCakes118
Size

865KB
MD5

aa48515c1910e4a5e74715069e0de5e8
SHA1

efd044d532eb90ef0d6a94846f9f36c05e48f294
SHA256

34be650771bd4c34fe449ef5f030805161129472683bbc763f5fd7255d2d4953
SHA512

5a2eefdf0ae65fdc08250ab5222ac5f64d61a60f3e1d54e6e7e42782fcf2f138cb8d803f7cb36190932bc836df5a3b6129f4d6d6ca74ca0c93a1d180025d6c9d
SSDEEP

24576:GANiIpIstLjVEKboGezKdhwoztEVOnCJni:JpIsxjszKdhwohGhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa48515c1910e4a5e74715069e0de5e8_JaffaCakes118

Files

aa48515c1910e4a5e74715069e0de5e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

�server.
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE