06b3f140ccef6f7d08e89d852451aa35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06b3f140ccef6f7d08e89d852451aa35_JaffaCakes118
Size

252KB
MD5

06b3f140ccef6f7d08e89d852451aa35
SHA1

9b8318465c73c59da494faccf86f3b3b47ac6a47
SHA256

fad26f32d59a4a68e7516023cced7187a9178166867b228f85ca877498bd02c3
SHA512

86a86fc6dc453ff70b663ce55ce93a12584527a1938031390ef3ac06c549e2c954c331876fb5f7b6b5d4b1b10b890fb7cccbe98e1854271d85c70831491eb893
SSDEEP

3072:JF0PldOgFWKRXfiNu1WfMgsfJnex4iAOs85nEM4PASMDDQ0DwJ65oYakcOxEXZMF:UdXo2fGuqMgOMAOJAPASUU0sJ3YqHKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06b3f140ccef6f7d08e89d852451aa35_JaffaCakes118

Files

06b3f140ccef6f7d08e89d852451aa35_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 143KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nocor79z
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7r4zebcl
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

q319obyd
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xb9k.c38
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5nta717x
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ