Static task
static1
Behavioral task
behavioral1
Sample
c28308f3b15d1d227998e2bb1eaf5a3c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c28308f3b15d1d227998e2bb1eaf5a3c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
c28308f3b15d1d227998e2bb1eaf5a3c_JaffaCakes118
Size
212KB
MD5
c28308f3b15d1d227998e2bb1eaf5a3c
SHA1
38abfde23f634633dd5ee56965ec246604123d65
SHA256
81bcf1b366de84e83d0f9e7efcc771458e447f530c5937db295785c55ff7e9e8
SHA512
52e2d5c6cdd3b1204953e5c6a52bbaf7b413417002593a4f7963e09a87e95f5707eabdc65d478bb13b4b96d98164f541cced8e6635672469284d8b700241768a
SSDEEP
6144:FRxlIAFaa9xPL9JvWz1AXFza5bQOrGgw9YKxH:x61a9xPPWz1kcb9dw9YI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c28308f3b15d1d227998e2bb1eaf5a3c_JaffaCakes118
Files
c28308f3b15d1d227998e2bb1eaf5a3c_JaffaCakes118.exe windows:5 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: 117KB - Virtual size: 364KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
0n3uhx7f Size: - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hvibkwbj Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
..zutdot Size: - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
g5gqfkuo Size: 90KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3lyvxqou Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ