017dd42568d0029af09c9d2583129c26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

017dd42568d0029af09c9d2583129c26_JaffaCakes118
Size

46KB
MD5

017dd42568d0029af09c9d2583129c26
SHA1

af3c1f662adfba25d11a00be9c3ce1528c5a8a3f
SHA256

14dd2c209c004d7dd40980f7f55e20dc390aa8ca7946eb19f0e7fc501783a97d
SHA512

1e0e050f991f3f86c1c4b037c551b94db1ebe7007d356dafa74496214c5111abe98bbc3258f7a9ca31eef715f80f3417f5616c4b4123e2bf258aa3f6e35cb6e0
SSDEEP

768:aHJVdrP8bthEsV/bxP9X4Va3KhGOCbXdLwbYJ6vs9rffo1nTHYiDmdvYLL9L:+JV9mbEs9R9X4VEOmdc5vs9rffohtGvW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017dd42568d0029af09c9d2583129c26_JaffaCakes118

Files

017dd42568d0029af09c9d2583129c26_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f5fba7d6ff3058396bfb34d646b019ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
ExitThread
GetModuleHandleA

user32

GetDesktopWindow
MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE