ba91dce83862bab1d1984f91e94ab5b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba91dce83862bab1d1984f91e94ab5b9_JaffaCakes118
Size

114KB
MD5

ba91dce83862bab1d1984f91e94ab5b9
SHA1

e9169769a2ef86fe416b3c6637ac36fb5c898064
SHA256

415c616a0bd26f6073c5b1d7bbbab752b399cfb40c5dbf94ad11c5142f0068a0
SHA512

0357ce857087f1127d1ca46f24b37a595a3614b39966a226e1785033c41977f5c3b8bc2219b8ebb022be38694c69140989e6df1cd46cffd517ff9d504f6cfff4
SSDEEP

3072:v79f/iK+d/jH8OiUN+TY3CRrzf/NdTCDHWrGBP:D9f/iK+98OhNJ3CLjTCD26B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba91dce83862bab1d1984f91e94ab5b9_JaffaCakes118

Files

ba91dce83862bab1d1984f91e94ab5b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Sections

.ECLiPSE
Size: 33KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ECLiPSE
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ECLiPSE
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ECLiPSE
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE