fb7045839c3be241039afa50557ffe80_JaffaCakes118 | Triage

Sharing

General

Target

fb7045839c3be241039afa50557ffe80_JaffaCakes118
Size

187KB
MD5

fb7045839c3be241039afa50557ffe80
SHA1

f14b5a4faba016f219dc151f50e5c542beddea2a
SHA256

446ea9e4ac7a278c4c16dabb155b68dc8adcc381146148f41f1b3ee75b5c5c64
SHA512

be33fe8db975ff3431c2dc874e6bfe5584589d3faba392096a027e4b5f1cbdaf27d98ff60f1bdb730460c9f23167683dce63abaad271c61dcc34ca49e6b11e0c
SSDEEP

3072:qGuZbgh7CTs4/ddEYaiYF8B9DrBba1uVe2zlOytt3WXGadAtLtBgi4J:qGuDrdyEYyBbaD2z4wCGiAvBgi4J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb7045839c3be241039afa50557ffe80_JaffaCakes118

Files

fb7045839c3be241039afa50557ffe80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

d9h49iyp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qkcho6gw
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8vlhr3du
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ