152441142796ad84e8a90b219f0abd42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

152441142796ad84e8a90b219f0abd42_JaffaCakes118
Size

180KB
MD5

152441142796ad84e8a90b219f0abd42
SHA1

66b4b92bbcc125a6458ae414692450b227ecf268
SHA256

a2781e5a433f55148ba0dc0807624f21247ca74529bf7d81df59b4122c547c7e
SHA512

80c4a50f8b2c67c8cdfbd936598d49ed5e6a206dce1b8e5603b32a675e852f62c695047e7ca72ce2c1866bb6d9b8d3b6acdf6da7bf781346e340b258d42f3bfb
SSDEEP

3072:REuibkNHVSta4yvYwn33bFAB7IQ/l/HdotSmWu46yC0NMbwhMTda:REuRBVStXMYqGUQ/x++m0+1Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
152441142796ad84e8a90b219f0abd42_JaffaCakes118

Files

152441142796ad84e8a90b219f0abd42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eh15x0b9
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yrqfr6cg
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ej119480
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ