e23432e8f1ca85c04824b7c24efb0508_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e23432e8f1ca85c04824b7c24efb0508_JaffaCakes118
Size

20KB
MD5

e23432e8f1ca85c04824b7c24efb0508
SHA1

6324c31aeb600587be4e2c19dcd933864d336b10
SHA256

a4940947d5bb66cfae537b71b309d167ba0fc88bf467e76125be4872901662d6
SHA512

e8295af96308f5ca6eeb0166761b8948f2c878fb48764808fe010cc4621254b9a9dc98644629e199cf274c94e24fffba40565f5f9e4b08420bee0226ac3acc90
SSDEEP

384:ZKMwP/Vkaj/QeKA5KjDAhxYI1rIbpsxRusYf6GNeFWqutz8:ZV0/vYmAjDAh16pe7YyGNeg5J8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e23432e8f1ca85c04824b7c24efb0508_JaffaCakes118

Files

e23432e8f1ca85c04824b7c24efb0508_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.DATA
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PDATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ