b63f5d00ed530d6d7694fd440bac5870_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b63f5d00ed530d6d7694fd440bac5870_JaffaCakes118
Size

87KB
MD5

b63f5d00ed530d6d7694fd440bac5870
SHA1

46f165b26c997e5856f93576e00a57de89646856
SHA256

8eeccd6564b3e3eeab3163fa44c5790f45418386ab0fae79924e24304ec963e4
SHA512

7ff09e886ecdec9bc963faf1b17ab20195222a75e6d2397c4bbb1b2a9d06d64cf94b6e90de445dd2651f59c9af88e62bd44629c267ce3fe7020b36937d44e380
SSDEEP

1536:YQbPFfjJ+bZoTCbf9szyvo1GNyu2292o5nSpZ4vdQ9jbazrbvHIaD:YQavBs7Hu2292o5nSkvdEarvHtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b63f5d00ed530d6d7694fd440bac5870_JaffaCakes118

Files

b63f5d00ed530d6d7694fd440bac5870_JaffaCakes118
.exe windows:5 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.nsanti
Size: 43KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsanti
Size: 512B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsanti
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE