abc3969bd17141823e60815ec45ad2e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abc3969bd17141823e60815ec45ad2e4_JaffaCakes118
Size

14KB
MD5

abc3969bd17141823e60815ec45ad2e4
SHA1

2cd57d07dfd1c4d71f9945def8b204b29eccd41d
SHA256

1d7912ba1c6320f0d4f5f02aabc7c661d397f3ee3516be5bde769831972f4253
SHA512

5c94af80dd11cfff9523b8043bf1de75822031f1c3ed4bcc9c2af3b821dcd536aa9fbadad671bb9f81caabae3fec445bf1d7a81c7c6ae58d5797ef9e3b60e447
SSDEEP

192:lXbQlPgfr0/Z5lJknkqsU2CLFU+klWXk05EFG5YKLjd1pAEj:lXbQlP6r0IkjUWHlWU0p5YsjzpAk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abc3969bd17141823e60815ec45ad2e4_JaffaCakes118

Files

abc3969bd17141823e60815ec45ad2e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cbd32510ca70f6ffda2f841dcdf88cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 210B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SoftComp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE