c85da6507924e07ccc586cea82e1abda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c85da6507924e07ccc586cea82e1abda_JaffaCakes118
Size

21KB
MD5

c85da6507924e07ccc586cea82e1abda
SHA1

5c4082cca508c2fd57ad7dc28badb3d3a66ccc36
SHA256

34c7fa3819f880701a1c6cf0773dd5382fa3be6bb0a5661568d7c01dfab3b8e6
SHA512

69d1efc39ecfe5650cf98bb444cbb55b4d7f9cf09b3b4e1ab1c51b297ab623c7e9bf0e18284a3355691352fb324a1a0cba2ac04d1b4dfa90007d103a559d1e83
SSDEEP

384:mDX7i9ticvaf5JqQJOJlIi8JQ+TKiIa0BUiKp4mCkDCceMUzXUk36Mk:mDX7i9QcSf5TYG9BIsbCVceMU7qH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c85da6507924e07ccc586cea82e1abda_JaffaCakes118

Files

c85da6507924e07ccc586cea82e1abda_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5cbd32510ca70f6ffda2f841dcdf88cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 746B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SoftComp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 273B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE