f0754a4b8829d53263406ac4cb7d1b51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0754a4b8829d53263406ac4cb7d1b51_JaffaCakes118
Size

166KB
MD5

f0754a4b8829d53263406ac4cb7d1b51
SHA1

5ab500418db1e8954fe1a2edaa2f63fdef92d560
SHA256

103b394bb0bd9e486bf8cddea27ca8abd407716be5fe6564088b0538b5b03be0
SHA512

f1c2303cd6ff9136005c810f06bd39874ef666649bc112c60a4c7ef4a3a7a568bece2107c18a0aebdb64df9415047bc5e751b8fec653dfb8e52d232fced4d50d
SSDEEP

3072:C/78riooKyveLDXdvNQcCVHmQ8TrA+zOTYPySflPksUI6wkGGEs:MHey6DXdvCcgmPM+kSdmInG5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0754a4b8829d53263406ac4cb7d1b51_JaffaCakes118

Files

f0754a4b8829d53263406ac4cb7d1b51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4efc2d3e673738b5817f6cc5819957f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect

user32

wsprintfA

Sections

>Y8#oT=)
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:+@NL>Mh
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

;/W1;8:P
Size: - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

!6\Bx]@E
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

]so\9FE4
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE