0a3b3cb226c12eeee2f9a4e7d52cc877_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a3b3cb226c12eeee2f9a4e7d52cc877_JaffaCakes118
Size

218KB
MD5

0a3b3cb226c12eeee2f9a4e7d52cc877
SHA1

4ee514f3f7c7496bb386078a7431b1522f2a25bc
SHA256

b4b9c399b9469a0dd660239046d51dc68c1c80c0a44c929729364206c872a7e1
SHA512

adbdcf8c0cad20e092368efcb38ff85bdb963f31fb0a119a214f9f29772bb8d5b129f9f3653455b96804069e8f278a1f7f0a65404a6dcc6309f01e1a8ba18be0
SSDEEP

6144:iYfkG/bZFyKFA/AQcwE/ctEyiRD3S6rQaHl4fFT++++Jkf2si+++++++:JkGtFG/A10qdS6kSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3b3cb226c12eeee2f9a4e7d52cc877_JaffaCakes118

Files

0a3b3cb226c12eeee2f9a4e7d52cc877_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b50c62fb0f4364c2d15e846bc2ba9a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
VirtualAlloc
VirtualFree
CreateMutexA

user32

MessageBoxA

Sections

TALiO
Size: 74KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TALiO
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TALiO
Size: 21KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TALiO
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE