e1d0a80750c9928d1ccf4360a1d43e3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1d0a80750c9928d1ccf4360a1d43e3d_JaffaCakes118
Size

100KB
MD5

e1d0a80750c9928d1ccf4360a1d43e3d
SHA1

72d754b63869af3bed4dce6ddc0c320ff9cc0993
SHA256

c21b0eb1eab38827643b5973d19eac458c119513ed69755d5933aac6524c4da8
SHA512

e84dcbf597b69285f59eec53f58870a4068e9eee5047580087d4c2ad0431c2acfe1da95b422436115362d8508dacd7a8362302fc72f5793aa0293c3761a2d20c
SSDEEP

1536:c/aRW4FX29B2hXLTuE3yV+D1Qc6LlLrgjY+gyCmEDNo/aR4r6t773ez/t:c/cW4X294ZuEiVwql4U285GaMCWt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1d0a80750c9928d1ccf4360a1d43e3d_JaffaCakes118

Files

e1d0a80750c9928d1ccf4360a1d43e3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

953c971d017c7c4de8f452b68ee34dfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CloseHandle
GetLastError
GetThreadLocale
GetProcAddress
VirtualAlloc
LoadLibraryA

user32

DispatchMessageA
TranslateMessage
GetMessageA

oleaut32

VarRound

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ