f065a715b085c91c7c72dbd10b0678e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f065a715b085c91c7c72dbd10b0678e5_JaffaCakes118
Size

116KB
MD5

f065a715b085c91c7c72dbd10b0678e5
SHA1

3bcdbcd0f8c95a2a5cf527164e67e3c37055ae86
SHA256

ee1745e8822265a6c95673f8eda3e2afa8d121876f2d8b1c18491c5417d86d70
SHA512

e14f235b83c6b7cfd09ce81008f888b8f5454919af36b0000578bc959bf4009d703ad6b3d3658ff8997b191193c9d0eb6d90bc548c31e9f3464e70211a450532
SSDEEP

3072:6PACTXllWmzc39d3MroiWnmQGxcSW87INANm1l2x:6PdXfz69NMMiTUNd2x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f065a715b085c91c7c72dbd10b0678e5_JaffaCakes118

Files

f065a715b085c91c7c72dbd10b0678e5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2f7607677c93ab1a1a08587f1a65e88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
Sleep
ExitProcess

user32

GetDesktopWindow
CharNextA

Sections

.text
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Yyfqj Te
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Aynwbfey
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Wnoqlxco
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE