d1a65dea78c10a5c645ce1c6bde1ce78_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1a65dea78c10a5c645ce1c6bde1ce78_JaffaCakes118
Size

360KB
MD5

d1a65dea78c10a5c645ce1c6bde1ce78
SHA1

ea088be5ff65776c6793b187c0d36a5c215af82d
SHA256

480a94f3a45781790f86b8293a2c4867c9cab70f6cf607622dfe0512c592fb15
SHA512

2d3a4b48c62253d631e3469bd765c8fd9a297ef85410c8fd89314b06c5550f91b085c51fac92c87035f8be8a24ae231d3a9f1235545494a3a3e799c81aaf2a1d
SSDEEP

6144:CJ3y7wUJmViTCkDcS4AF4hh4ZCa32aMA8RNYUHQcSxcR6PWVtG8CXSocmB:CJ4gimkoS4AGH4r3NgR+UHjSxcRBtG8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1a65dea78c10a5c645ce1c6bde1ce78_JaffaCakes118

Files

d1a65dea78c10a5c645ce1c6bde1ce78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 9KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ