b46c2d12e15b0612a8c7dc662fd2bf58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b46c2d12e15b0612a8c7dc662fd2bf58_JaffaCakes118
Size

184KB
MD5

b46c2d12e15b0612a8c7dc662fd2bf58
SHA1

4e418e28ce813e2e90fdde65ec203a150245d117
SHA256

5bb922b85a73c0a589f41ac787e92033b93eccd75b4ee0333c2276280e5bfd09
SHA512

ee39797a013c4248a0c84a537cf4e3582fbd2b5d7246768fc267cfa8de4b4f45226c12cb6fe28c3097481d0b995c063ce83cde045af7a7369a474a83c72272e0
SSDEEP

3072:qlbuCbJt0N2ATjFNfZOjrANroK2lQBg+OW6xAyVLyPOzbq04qi:qZus0N2QP8neroKCQVOVA4rzb6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b46c2d12e15b0612a8c7dc662fd2bf58_JaffaCakes118

Files

b46c2d12e15b0612a8c7dc662fd2bf58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

poad6en8
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1ymby4lg
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vshil7ek
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ