059011c7e86313ab9025cb546d0c6fa3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

059011c7e86313ab9025cb546d0c6fa3_JaffaCakes118
Size

481KB
MD5

059011c7e86313ab9025cb546d0c6fa3
SHA1

164d9443d07733fb4cd33239d76e1f56332c99af
SHA256

705c45b307be3ca53f2b6381055a4db47d94c566f75dd0baedea619090441bf1
SHA512

756528f17c45162d044bcd8e7dd17c73bab6012e2f3bb2557f040f4aa55ab5c1b85cd3494052fe40f3a4323d51692326ac73f074dad0c4ff2f7a953c89fdc717
SSDEEP

12288:KodfHhom2qNf9JEVxACW7XGTYRpGlt4X7i4/45e:7fHho3qN1SkBbf/G/yujw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
059011c7e86313ab9025cb546d0c6fa3_JaffaCakes118

Files

059011c7e86313ab9025cb546d0c6fa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

p0vpee6d
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

99smr6i2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gptfa8y2
Size: - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7n3zkrzw
Size: 477KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE