c0f2af1cbc936d6a816ae783c8edf5ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0f2af1cbc936d6a816ae783c8edf5ca_JaffaCakes118
Size

29KB
MD5

c0f2af1cbc936d6a816ae783c8edf5ca
SHA1

7cd3f58eaa8194c84f6dbd6bacd7bb31510e6460
SHA256

2d31367e618c953d1e2142b33b70cdf59448a40175ed56d16783e68b455ae3f9
SHA512

b218e3560b88b50e6bd35f6e68af7fa6132b51bb1efb330c9dd17ab586fc333d3b340208e67159e651d34e3a1fe7e1f536c5fb485caeee9c9ce46954ea90d5ee
SSDEEP

768:HuKCSf6FpTPDD5j+0wSIWxtHUOg7dU4ET5zrqc5:O53ndeSIK9hg0zrV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0f2af1cbc936d6a816ae783c8edf5ca_JaffaCakes118

Files

c0f2af1cbc936d6a816ae783c8edf5ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1738985ef3490ee0e357401a5c199c8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE