Static task: static1
Behavioral task: behavioral1
Sample: 0f895ac1409bc77d0952380800725e7d_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0f895ac1409bc77d0952380800725e7d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0f895ac1409bc77d0952380800725e7d_JaffaCakes118
Size: 572KB
MD5: 0f895ac1409bc77d0952380800725e7d
SHA1: 7b2f890cf01cdaf6929054fb25169c54afa3717f
SHA256: bb4db83c0299919e81261adf743c59ce8c125a6b0ae33d59905153564c1b80dd
SHA512: 397aca84458ba5f4d14780aa8075ad327c72c02f24d07de76eb52a5f4a0b2814d62bda72086ab917c0fed17684e2fefb2b873297fb9c2f3bed8055a9017609e7
SSDEEP: 12288:uJcBIF6KlNuAcHIHU3DARq99zqGKge5UD+BfJiI:uWBJC8HIqDAKKxaaBn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0f895ac1409bc77d0952380800725e7d_JaffaCakes118
Files
0f895ac1409bc77d0952380800725e7d_JaffaCakes118.exe windows:4 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
y8xn9g7c Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ryd7jd.f Size: 343KB - Virtual size: 344KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jw5u1yol Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ