c042e93c844216bc51d9a1d9c4fcd211_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c042e93c844216bc51d9a1d9c4fcd211_JaffaCakes118
Size

393KB
MD5

c042e93c844216bc51d9a1d9c4fcd211
SHA1

646ff1e85a5197219705497a75dbad1f8edc9111
SHA256

5c8bec4f37275c32a8fbd0c685c4b9926a6597e66221d268d0bc55984bf7751c
SHA512

86812a2532fef1859a0df5cfa9dbfa9fb569dc7aa87f653d5e97cbf3368ba17a063591c5335129589c9816c2b5d52311791e39b93296fdabcb3934451a65f448
SSDEEP

6144:tUkXAZDx2E0JJq1UoM2C4j4t3nnU0cp1Q+H2CrGg91+pU+kBilH:+kXMDz0JSUHG4Bcp193GgFH+H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c042e93c844216bc51d9a1d9c4fcd211_JaffaCakes118

Files

c042e93c844216bc51d9a1d9c4fcd211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 350KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ