fd7e36e452c9b2679cbb4a9b600c74dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd7e36e452c9b2679cbb4a9b600c74dc_JaffaCakes118
Size

715KB
MD5

fd7e36e452c9b2679cbb4a9b600c74dc
SHA1

da85e0d67180e0ba6bd51b08150cfdace2b7ebbe
SHA256

1c648c0e560d3e8e6d1e81d893fe9bf76012a8c05049addd1f1f723e690b9661
SHA512

ab3bc5c89e1f2c43563f45b69bb6e343e6e20a1ee4ed6094b4139c3c38749b85db1898ec4a3336de7a9004a6bd0a77fd0c74eb7d3141060b2078ab6f34e25e02
SSDEEP

12288:nnq9gsxrVu4zNEjulzZGgq+3Y6OFX1jAWJdYu4v1Zu3hMEeO0dFhJ2LwQ0b+chha:noRu4zNEjulz3quYBPsWNGZmMnXvnpb2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd7e36e452c9b2679cbb4a9b600c74dc_JaffaCakes118

Files

fd7e36e452c9b2679cbb4a9b600c74dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 706KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ