bb03e27a4fe9466a02ed37dd42dfcfb3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb03e27a4fe9466a02ed37dd42dfcfb3_JaffaCakes118
Size

480KB
MD5

bb03e27a4fe9466a02ed37dd42dfcfb3
SHA1

52e91656434ef6b0381a61174b7d2f4ef1fb5972
SHA256

cc9cd506f85b9a821cb47891465cbfb43993252ecc46ebdc7c944f274accc6a2
SHA512

df300b88df7db9fe252b5767848cbef5bfec5b9283fc8134cfaef2cbdb636224472c1ada1766f02175603be73874e3dff01604ee70f6f3f1df29f8714b2236ba
SSDEEP

6144:uk7jiv+LAdWUWIk7Jgc4273bXShZvBCY6qDePMdxgH+v4vJG+hOF4xM:ukN0NcJhLLShZJpAMngHcsIuOF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb03e27a4fe9466a02ed37dd42dfcfb3_JaffaCakes118

Files

bb03e27a4fe9466a02ed37dd42dfcfb3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE