eacd1f588749c12e00f650efde056151_JaffaCakes118 | Triage

Sharing

General

Target

eacd1f588749c12e00f650efde056151_JaffaCakes118
Size

119KB
MD5

eacd1f588749c12e00f650efde056151
SHA1

0f8ae9588132f337e1aba7f7b69a0faa39adc0d5
SHA256

78a0bed30f98dd402087b605defcbe75b09ff7e346daef392461b829a29acf25
SHA512

b190e4ce1cf3f229dc6d3d59e2e1098ebc4b6285b015af4419cc0fb242410e33cbe95ebfe77a894fd6cdc95114b6f55a10075fc628a6e3ec8ad66d8e5e558930
SSDEEP

3072:pVzjzrYQkED9OyNCevNR0sSq3lVwibQT6ISiPeIE4ua1P:pVzjsEJOyNP3PPwibQ2TIFX1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eacd1f588749c12e00f650efde056151_JaffaCakes118

Files

eacd1f588749c12e00f650efde056151_JaffaCakes118
.exe windows:0 windows x86 arch:x86

4bda570ce112adc211f3bd7fa6b82f33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
GetProcAddress
VirtualProtect

msvcrt

malloc

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW0
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW1
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW2
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaohui
Size: 6B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ