d624a367cc51ab3703d37e8b2552c194_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d624a367cc51ab3703d37e8b2552c194_JaffaCakes118
Size

184KB
MD5

d624a367cc51ab3703d37e8b2552c194
SHA1

5e3a285c83b66770e82a78126daccf8b3e23ac9c
SHA256

cba9b03108fbf1b085ce24fe7fe89d2836348da08e5ac22c9c03e0c0c0c04d49
SHA512

62074e709906baf348fa00e57617164be2043a351a76ef3e3deedc1313fc4b6b76ed03e683da7584121eb42ad234236bd69763b9bd31b133bf147faedee2c3f0
SSDEEP

3072:RkixYFEvNZrKwm1dvJHs9kTsBxlTh15DDlWH0CehFp5W+/Q1otumJvVv0S0LylCM:bYFEvNE95OkkxDI0hFp5WyQY1t8SWk2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d624a367cc51ab3703d37e8b2552c194_JaffaCakes118

Files

d624a367cc51ab3703d37e8b2552c194_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Exports

Exports

start
test

Sections

.aspack
Size: 110KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 21KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 26KB - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 12KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE