bae06b873016eb02af70c429155fb46d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bae06b873016eb02af70c429155fb46d_JaffaCakes118
Size

157KB
MD5

bae06b873016eb02af70c429155fb46d
SHA1

c0125d8b922ecf022e0b088504992433046d177b
SHA256

88350529ceb8ccd05d13f5ec830f350dfc6a400bf950f6469fcc275aae3096ec
SHA512

21dbc071cd580107ac115379e7a486a56505fcfbf48a9a2a16d8d7af7439c39803c0bb6a36fbf57f3c103397256836c7f310ae8d7f332061d78fd70fc5efdbdb
SSDEEP

3072:cVDM8zut/AAAAApjfHr8QLD99NiXxb39K3/Aa9W+YY36cnNcav8PzT4Hn:cEAAAAAZ4QLDPNiFu/Aa9W+YY36KNszq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bae06b873016eb02af70c429155fb46d_JaffaCakes118

Files

bae06b873016eb02af70c429155fb46d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xi9xi3r9
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bvy9m8d1
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mhl9cqsh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ