1523d16ebeaa1770bc4bc233f2cc1c30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1523d16ebeaa1770bc4bc233f2cc1c30_JaffaCakes118
Size

258KB
MD5

1523d16ebeaa1770bc4bc233f2cc1c30
SHA1

b9e0ea178309d00887b6d125a1f845eb92fd4dfe
SHA256

193fa69df369ddf51d30ae60c20524e8feed3e6dc4e6d911b6c2782a23b885ee
SHA512

6512efef22775c94afdee24852255fd3f96080ecf0179775a2513275de9137a89e3b06c0935237d231ccef8e269648a24f248d98d353659f14c2b486b76b2963
SSDEEP

6144:QP1udDVAlRR+0kWN1RB9MKVa+EzE1mrpw64ZEV37z13:ycdDWo0/1+KcLEs/4CVt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1523d16ebeaa1770bc4bc233f2cc1c30_JaffaCakes118

Files

1523d16ebeaa1770bc4bc233f2cc1c30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4c6fc2be5f6b05dca666b7aa6801871

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
strlen

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
HeapAlloc
HeapFree

user32

MessageBoxA

Sections

.code
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ