aef295f4f5f8d06dba35e04e3fc5973c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aef295f4f5f8d06dba35e04e3fc5973c_JaffaCakes118
Size

31KB
MD5

aef295f4f5f8d06dba35e04e3fc5973c
SHA1

0b66ae70a69bd3b56f9f7efdea014a1e51713f34
SHA256

ad230915ac1dc46f42549a29c792d5cf828d6f8a1fb22f36df51df7e128431ad
SHA512

bd51822e284b83f40765aee81222d7ebeea0bae53b058ec4260c8c3539e60b4496c9c9e4f867459005b4270d7670a389f5c5cf6fe4ea194d4566129ffddfa892
SSDEEP

768:k3FXNuyMogEBKJVcCr7QEkmJWAeRRHEEf0DxsxO7IhysopYTyg8K:k3F9xkrx7HkcZYWb1UO7uTTB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef295f4f5f8d06dba35e04e3fc5973c_JaffaCakes118

Files

aef295f4f5f8d06dba35e04e3fc5973c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

372cb1afc2a93c932bf474b9fcb8cb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 22KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprl
Size: 496B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ