db015d00011e13ad6bbd225e4830f0f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db015d00011e13ad6bbd225e4830f0f0_JaffaCakes118
Size

105KB
MD5

db015d00011e13ad6bbd225e4830f0f0
SHA1

92985d37f74da5a9688cf2a7680455d06cd937d6
SHA256

1abfb02f59a4ecfdcbd1e5e924d994728002d10df4094ed280655816ff552eb4
SHA512

5891e67d7b33e75a121083db35817cda31d92625d4a5f43ada33f81f7242466a9f047c7a22124c135c45f52674a2905a4a1395fa80e470cefb3eb7c655af48b9
SSDEEP

1536:OUW3eWgcVqJ63c411YikWsRVhMaHI/QoUdtzeehFllSvZqFy/:OUWdBa6vrYi5sLdGQoeeGlli4C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db015d00011e13ad6bbd225e4830f0f0_JaffaCakes118

Files

db015d00011e13ad6bbd225e4830f0f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

8r0k3n
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8r0k3n
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8r0k3n
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8r0k3n
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE