ab93153a641fc2049e2244d86429ddc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab93153a641fc2049e2244d86429ddc0_JaffaCakes118
Size

202KB
MD5

ab93153a641fc2049e2244d86429ddc0
SHA1

71ff5efbfcefffad6d75c73bc7dcd532e77d0698
SHA256

242498a8d772c577f875ed0a1d67081bede5e868e924c031c941b2ddcd8751ec
SHA512

289dc822a27da95950f23573448499906e4f9f00e33ca0e967094373ea2f901b83fdf0fb9eea812c32fecaf340753a8713bca57732f3da7f9f808a822b5bf85b
SSDEEP

3072:StO3sTQeTG3ReIN2+X3/z9+k2PVjC21/hkXaFLIB6L4fho94+gdBq0Ui+NiDjH0n:SMe6gY2+7Qk0Vj70W3LUhODkJUkH0fv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab93153a641fc2049e2244d86429ddc0_JaffaCakes118

Files

ab93153a641fc2049e2244d86429ddc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

372cb1afc2a93c932bf474b9fcb8cb7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 18KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprsc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ