b3285c8409d036e51987e5603ee034e4_JaffaCakes118 | Triage

Sharing

General

Target

b3285c8409d036e51987e5603ee034e4_JaffaCakes118
Size

23KB
MD5

b3285c8409d036e51987e5603ee034e4
SHA1

ce611201449b306869d42b78a249693fa22e5969
SHA256

128cac7290a0bf202b7b9d12afe61b2ac4ff571d2d6459ca87612addbd889e74
SHA512

2da89f93d07b0f38790f1755f37c3057a1b7f50a6d1f52e7276990f548049eab4711aa9aceac897211cb3f4b45537da3365df2e276ade679ba19060e80598202
SSDEEP

384:g3ijzS9ANncpHpR8gsFpLqHFmZwLm3uPQUYbps3soBatBRGNyWqur5RLd:CijzWOncZn8gopLefL2u6pHt/GNB5/Ld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3285c8409d036e51987e5603ee034e4_JaffaCakes118

Files

b3285c8409d036e51987e5603ee034e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ