fa38adcbaf166bec053eb8ab2d2a1621_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa38adcbaf166bec053eb8ab2d2a1621_JaffaCakes118
Size

188KB
MD5

fa38adcbaf166bec053eb8ab2d2a1621
SHA1

bd349ecf0500d1ff06464761b2cfc3ac81bd2413
SHA256

f65d0161ed45fcda27fca89842f23580cb625664d4b9db7e5580c5c043d7f255
SHA512

f770df0ebcb7ab5f122ff9e1f20ae1fbc4353bb8dae4a2b5a7997577db09d62c48211a208c05606490cc955df5e98a5aa1bb17932c538c295423bc715debf20b
SSDEEP

3072:lVvT5s5Vt8bZdyKjJ/pZ4bXwQxLrClVy07jRExhWt7+NSFlKFIQ:LvThbrjFp6bwQxLrxyMUgsl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa38adcbaf166bec053eb8ab2d2a1621_JaffaCakes118

Files

fa38adcbaf166bec053eb8ab2d2a1621_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

CODE
Size: 156KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE