d6e2658c76c83a67000a73a69af7e7ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6e2658c76c83a67000a73a69af7e7ae_JaffaCakes118
Size

6KB
MD5

d6e2658c76c83a67000a73a69af7e7ae
SHA1

02924b00df953513c1ee83b9aa6ca009caf89a08
SHA256

0bb8e054905e45c242a2da64c857c0004feab5f9e1e5e649613216740c40dfc6
SHA512

69641090786fe98073c0919c2c0b4c414b11dfe7b177a3a01b7abed29f8110296b625b21944e1604862f46bcc5eca68374d82ef8dfd641fc256baf605fe290df
SSDEEP

96:0PUYV+eqwCJbAELGwFCP5YHj8S2c2DYmS5:05AddGwFEYHjL2c29g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6e2658c76c83a67000a73a69af7e7ae_JaffaCakes118

Files

d6e2658c76c83a67000a73a69af7e7ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12cf66e650697cf2ccccab9c5a978c25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

crtdll

exit

user32

MessageBoxA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Jb
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE