bc5c9b1811b9f3c78a615c96f1e9871c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc5c9b1811b9f3c78a615c96f1e9871c_JaffaCakes118
Size

193KB
MD5

bc5c9b1811b9f3c78a615c96f1e9871c
SHA1

2771427d2237fb81bfb6581104e75d0745ad8762
SHA256

afba86ea402939c5867e6935d6ccde1a75d817b60bdf8424f39fa9801ad48022
SHA512

09d69f78e7d577c8237df6e944fb0c12738b7124c363c3651eed1f718298122dde2156a28d38dcabaaa036ab2f47eec5739a4267b67fe88fd9a50abfc9757c00
SSDEEP

3072:2lnoVo+3TbZKPqCrYRvO9PUEbDoUKb+i9GZUJXAYhFJdmXjzp6zJM3lbRH8VG:2E3ZVZoPU6XKb+2iULhFJdOxkJKH8VG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc5c9b1811b9f3c78a615c96f1e9871c_JaffaCakes118

Files

bc5c9b1811b9f3c78a615c96f1e9871c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 129KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g2enb.77
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r4t9o2q7
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rzl7rj5i
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ