Static task
static1
Behavioral task
behavioral1
Sample
ebd4e911899592ed8da66974766fdb7b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ebd4e911899592ed8da66974766fdb7b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ebd4e911899592ed8da66974766fdb7b_JaffaCakes118
Size
89KB
MD5
ebd4e911899592ed8da66974766fdb7b
SHA1
c85935c6cd4ce9301d2ccad2a13a687efe80075e
SHA256
0b99ecb67af7a915c97e65ba092e54df2ffddd7631078e43fb4fa7ab7d715f9a
SHA512
5a46af61511b000cf235915bdbaead1684002f4c99fe6ab9be6f46f874d33650d63516fc00b7625e0475c9147bcf6c7576186ad383bb4d0045c0ce51fbd4b956
SSDEEP
1536:TqdIyfGhmKPy1U0SFjIJM4izAUNTsGtSzSanT61mcogKYLz1lHioTwJ6daFxV3o9:Tqa3y18FjIJM4wRTsJd21JlLJlCn6dcO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ebd4e911899592ed8da66974766fdb7b_JaffaCakes118
Files
ebd4e911899592ed8da66974766fdb7b_JaffaCakes118.exe windows:4 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
code Size: - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
text Size: - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hjbtsn0k Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
8ovx3wky Size: 87KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lqawddh2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ