b13ed1550a18bd0e595e804734952f89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b13ed1550a18bd0e595e804734952f89_JaffaCakes118
Size

247KB
MD5

b13ed1550a18bd0e595e804734952f89
SHA1

b31e64d2a53a7e8f0b18b87a6f5327eaab496f51
SHA256

6c0dc982c91a7257d11f68cd4a61a0f80398f821a349f7fb848c213c6c9ee811
SHA512

c64ac8644ac65fd2b82a69eb221ce5695a6d37311853f21c61faa59a3135371d89bc6cc28a78a967edde48789b94ceed50ce7b9782d64fa3f752e45ac5e22ed9
SSDEEP

6144:zs7sF/LmGEDgtDa35uR/b2ozd454BNYlC0:zsYTmf8J+m//454/ut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13ed1550a18bd0e595e804734952f89_JaffaCakes118

Files

b13ed1550a18bd0e595e804734952f89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Sections

4621862
Size: 201KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6359308
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6698653
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9089433
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9750173
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0613567
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4596243
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE