d14ccd96b0ba23c3391cddb4e4f14828_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d14ccd96b0ba23c3391cddb4e4f14828_JaffaCakes118
Size

36KB
MD5

d14ccd96b0ba23c3391cddb4e4f14828
SHA1

257d895a13b550a6e050eec3694544a8524fcccc
SHA256

dcfebf25ae6db04ee1ed32e2e45b884c62a36c73aef3d99c127a7d09a73bc651
SHA512

3a5b80a9d519e70107965e874d517b53253cc2e7103e649ad6158ce3fac07076671a3d734850c19dad760bcf089dd4fe1a1a038e169cdfdc4a470844d9a00dc0
SSDEEP

768:oqfDG8p86nCzVusVX8DInBOmAggGgCUBXeJu7TdfZ:oqfDSL4I8DIomA9OUOu7xh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d14ccd96b0ba23c3391cddb4e4f14828_JaffaCakes118

Files

d14ccd96b0ba23c3391cddb4e4f14828_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 29KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 224B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ