Static task: static1
Behavioral task: behavioral1
Sample: b569bc01d2c871d9eb850cb4e08ef9f8_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b569bc01d2c871d9eb850cb4e08ef9f8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b569bc01d2c871d9eb850cb4e08ef9f8_JaffaCakes118
Size: 177KB
MD5: b569bc01d2c871d9eb850cb4e08ef9f8
SHA1: 642b324f72bd639b26a5bbd2668fe1df2d227a65
SHA256: c79a29e67c60219b1de73bdaac7d4231d2711caa3f3314aaa055ca73cb34924d
SHA512: a6a1d88f6dec20dcadc6234b83cad7f36062a20051596d903133713ab44a070ec26b4c8b7d722d87387c426dfeaf99540500b8c4e6fc49ea125a3a22ef44306f
SSDEEP: 3072:q5uCb8fkZwUGI68TP83w+FOMZ2eKg8/Myq3QQQbRHq/x8py7aM:q5uKyYBP6zOneK0yq3QQQbR6x8py5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b569bc01d2c871d9eb850cb4e08ef9f8_JaffaCakes118
Files
b569bc01d2c871d9eb850cb4e08ef9f8_JaffaCakes118.exe windows:4 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
g1.hkvam Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
68acwz7s Size: 140KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
y9yvdwvd Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ