aab3c7a9f839e7f22adb2dd204c63684_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aab3c7a9f839e7f22adb2dd204c63684_JaffaCakes118
Size

454KB
MD5

aab3c7a9f839e7f22adb2dd204c63684
SHA1

4d74cebb4c43bbf81bd62c4ef9b76d0ea2e60471
SHA256

a59ec4737083ab7d3d9954f8e3c4e94a3a2899c1897bd3c8f679d0acfc31250c
SHA512

2453223b0085a96532adf2e5f7eac3263cea8b8202e6cafec4396ae9d2d5dcd7e2e1341c98e84e400bde69cff1b6dbce2c31ef76ac16a06e3d5a5096c71f4ee2
SSDEEP

12288:Af4dIWSXr5NEdzqdly0vA6SoenaPIh5AsjAO1iJU:wJXrcdzSyR6Soc2u5AlU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aab3c7a9f839e7f22adb2dd204c63684_JaffaCakes118

Files

aab3c7a9f839e7f22adb2dd204c63684_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1ad2f986ad7f776fd3caffde19f0d01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
HeapReAlloc
HeapFree
ExitProcess
FindNextFileA
FindFirstFileA
FindClose
GetProcessHeap
VirtualFree
VirtualAlloc
GetModuleHandleA
GetCommandLineA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 522B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 562B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Xht0Z
Size: 361KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TeyTt
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ