da13264695024739caf7bf6c552365e7_JaffaCakes118 | Triage

Sharing

General

Target

da13264695024739caf7bf6c552365e7_JaffaCakes118
Size

104KB
MD5

da13264695024739caf7bf6c552365e7
SHA1

358635443cabc16d81c0162f835532780ea9213e
SHA256

e9806b22f51b828b7775f951fc862adbf3f52563ac675b0a51154778d65cc3f8
SHA512

79d4d0a7e81b4281507073aead3c9582d0c36cfaf8faee99d21d4293e1483e8fe25e46bcad56f79b415d44a6fb73e10d609990a7523795ea73abce61f695e82f
SSDEEP

3072:dS4NDMiqLJooQtwpvnyMqT/Mhtcgjt4EbhWbs4HoZm2TMrQuAnW:dS4NDMiqLJooQtwpvnyMqT/Mhtcgjt43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da13264695024739caf7bf6c552365e7_JaffaCakes118

Files

da13264695024739caf7bf6c552365e7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

105732f0c6968ac8bea2b4476eda4263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE