f9e05e59f1f66c9e28666161573ed8ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9e05e59f1f66c9e28666161573ed8ea_JaffaCakes118
Size

58KB
MD5

f9e05e59f1f66c9e28666161573ed8ea
SHA1

a38d7c1f5e0f2c92dadf991b3417831d533432d3
SHA256

16dc1b94a3e5b3ce43228b4720c1810e827ba4eaa8ccff090ad1b461b470ad94
SHA512

24949c066930206b1770ba8e9e1312d7266098b804f971d1bc8cbea72ee1bc8a0251059ef9da9c31f48649b213bbe4ef8679151894c7cbf00ca160b2ee82bf4a
SSDEEP

768:tq7dnfOff8KLoPaNTrOOw+HFnlrMqnbdfynfnT+WF9Uj/Cqymv98t0MbtIc8Hxg5:tq9fpKLua6rIRtM6WHUrem9GLjHhp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e05e59f1f66c9e28666161573ed8ea_JaffaCakes118

Files

f9e05e59f1f66c9e28666161573ed8ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cbd32510ca70f6ffda2f841dcdf88cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

Size: 38KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SoftComp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 273B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DalKiT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE