056aefc2270acd01a0eafb0642f698e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

056aefc2270acd01a0eafb0642f698e1_JaffaCakes118
Size

54KB
MD5

056aefc2270acd01a0eafb0642f698e1
SHA1

1244df80d04a3ef0141ab6efeea30cce8fc6f86c
SHA256

06b1c282ceeb3e4a85b4b283651e9363b855953d94cd6fee7af6afc990af9fb0
SHA512

7c5cf9466379d931caf4f9857cfc9c8426af1b87d9bb9c012c4684efeccbf5b99d40cb9e342ff276ba8d97d865ec28d8a309e0db8ddfcb96ed6de66a13f8d76e
SSDEEP

768:ZLSiaAXffx3hY2CSfrSOe/p+BlDoKQnY2589OCyUqlvmQuZg+fFdojg:VSu3xRYkfOOCplKQnY25RUqlvmQu6koU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056aefc2270acd01a0eafb0642f698e1_JaffaCakes118

Files

056aefc2270acd01a0eafb0642f698e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 25KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ