0491aed1e4f7925f756e5f79a1bbce92_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0491aed1e4f7925f756e5f79a1bbce92_JaffaCakes118
Size

266KB
MD5

0491aed1e4f7925f756e5f79a1bbce92
SHA1

8a2d4da987208ed740d92458516d45ddbdef399e
SHA256

e12e31c7828a7ea810968d8d5f82f0ff0e25192643d9da115d660a30e56e5adc
SHA512

beb2e271cc4a95e3ba9855cda4b269f25c4111913e8c37ce7e76eb0c18e3e54ae19732a8a00d4829af5f1b548c34a6672d4327a6202ca0e807210c4f13c8afda
SSDEEP

6144:x6fsYXWgdQTGG1d/BM9svQIOfLp5/vpgo1vuQGFa+wKvxTU7:x6fAaG1d/6xIM7Zga+wKvi7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0491aed1e4f7925f756e5f79a1bbce92_JaffaCakes118

Files

0491aed1e4f7925f756e5f79a1bbce92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ae2fa89405eb679f2ed36710e38feb1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetTickCount
FreeLibrary

user32

SetTimer
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
PostMessageA
RegisterClassExA
DispatchMessageA
TranslateMessage
GetMessageA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ