de336c771e23d62ca0daf8a0a8dc97c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de336c771e23d62ca0daf8a0a8dc97c4_JaffaCakes118
Size

319KB
MD5

de336c771e23d62ca0daf8a0a8dc97c4
SHA1

94c17d598bcfa0cebb8f3f5f4ac860f1ffd914e3
SHA256

2e9a59fab855ec58ff239a06a55102248741ed9358c9f67a12bdfd61b7aa5029
SHA512

5e30e8168107282f4ebf96e630523dcd78515266c3ed8010993afb377a44cb4c9b400e5081643ead3d70e9ba445508f0bb1e2194af9bb981dac7137c2b04a595
SSDEEP

6144:lihZB1EMcEfiE50WSpDj09vA1dJAYi0JP:liLgMRfDWW6dJli0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de336c771e23d62ca0daf8a0a8dc97c4_JaffaCakes118

Files

de336c771e23d62ca0daf8a0a8dc97c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 143KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvdx9e2h
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

is3z719h
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pagoejzo
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t51pn4jz
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ku5ebkv.
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ