cf69a72768fecdc4fce826948a4e12a9_JaffaCakes118 | Triage

Sharing

General

Target

cf69a72768fecdc4fce826948a4e12a9_JaffaCakes118
Size

2.4MB
MD5

cf69a72768fecdc4fce826948a4e12a9
SHA1

669733e53bbbb0a3a9df9e7b0c9e8ff06c8cef8c
SHA256

a65f35b7781221ad5b0bbc829022f02e7d59cad3c408e77caaa777c85c188deb
SHA512

3c321d57c4243f9665e1db3b01c6c4f252bae75a76c60d0daf80b7fc77b8693262e8d8425f95a8a01c49358ba35d78e70f2aa03196f01d30fedba4fb30f7cde8
SSDEEP

49152:WLBTD4y+gGUgZMpdNkhFNI+GSE7JRzT3oYIRfEku0iiPWPC:WB43ULpMhFvpQJRzTYBtjiK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf69a72768fecdc4fce826948a4e12a9_JaffaCakes118

Files

cf69a72768fecdc4fce826948a4e12a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ