ad70151a698ae34dd5212bf7110fd830_JaffaCakes118 | Triage

Sharing

General

Target

ad70151a698ae34dd5212bf7110fd830_JaffaCakes118
Size

472KB
MD5

ad70151a698ae34dd5212bf7110fd830
SHA1

182b60dc9da8fd67622f0e2601f714559f806b5e
SHA256

83ceccf27f91842a8cca22c8893370e09a86742e11fc735156d63bbb56eefa88
SHA512

d48dea5d62dc4334d73ed2ec3a689cb2da992c92318ce3d6f5135c5dca2abbc5c88b7cbb18aab4d6a036b8a1f1c6225783b77b0fec2fb4f6ac52fe74f3cb6b80
SSDEEP

12288:6nEKYdy/F/th0GxQ8hsLlEknbi4oAWa+Xji5ooooooLoooooosL3/kv4Dxi0:6nEGFSQsLqjiooooooLoooooosT/kv43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad70151a698ae34dd5212bf7110fd830_JaffaCakes118

Files

ad70151a698ae34dd5212bf7110fd830_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

dg295.eq
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

5p92rj7j
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7nt7pmv6
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zaoop0.d
Size: 439KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1p9tw7n.
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ