Static task
static1
Behavioral task
behavioral1
Sample
d04cda0f6bc9b561ae877fe7ccb42232_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d04cda0f6bc9b561ae877fe7ccb42232_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d04cda0f6bc9b561ae877fe7ccb42232_JaffaCakes118
-
Size
164KB
-
MD5
d04cda0f6bc9b561ae877fe7ccb42232
-
SHA1
a4fe33490001d6aedaf16fa12ba460ae1706ab6e
-
SHA256
043759ed12a0e6b71f3831dabefd7927a127ee772f7d6dc2875db3d9ea3ca2f3
-
SHA512
214402cd6bf8072bd7341b5289baf9e8a6364170564e44e8176ecbb391ab08f3b96ec1f979f01f8acd2c9c55a8d4434a180ccc80f1c60572ccf6831383745571
-
SSDEEP
3072:083jCmpVzu7jm1GV6nZajtl8AKSvl8EkHvfkwa01HdWRM7iaVF0fxG29fl:08TCmpSjV6natlFdv2Ea8wjOBpG29
Malware Config
Signatures
-
Unsigned PE 1 IoCs
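Checks for missing Authenticode signature. The sample is unsigned; many benign executables are unsigned too, so this is a weak indicator by itself. The header data under Files says more: every section is writable, three of them are also executable, four show no raw size, and the import table is small and includes LoadLibraryA, GetProcAddress and VirtualProtect, which is consistent with a packed or protected binary.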
resource d04cda0f6bc9b561ae877fe7ccb42232_JaffaCakes118
Files
-
d04cda0f6bc9b561ae877fe7ccb42232_JaffaCakes118.exe windows:4 windows x86 arch:x86
4efc2d3e673738b5817f6cc5819957f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect
user32
wsprintfA
Sections
#,K1oxco Size: - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
4YyK*BVn Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
2XVd88Zt Size: - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-@EpAyHs Size: - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Upu9n!@q Size: 160KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE