13911e932a91c548ab0675713c1cad9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13911e932a91c548ab0675713c1cad9e_JaffaCakes118
Size

191KB
MD5

13911e932a91c548ab0675713c1cad9e
SHA1

839ff43be3eeb648389c338e075a28ce6288073e
SHA256

a6ac91ba92a30ca5918d5df79ee757b63d1a33ecb767d1b78e923cd833d4cfee
SHA512

eec8711d8b7abdf9e7d69552d37316903cdceda1874ec26a3a8a12cf925bdcde00182f023ada6be73805a5a9648bcd356c128e653457d003aef1fe8b2e2ee0a8
SSDEEP

3072:u7jsjvYPUUW/GXEJ/jjPVjhIaJ3lJh1fn9Hk3LaOyxRutT8WWENNOuIXRVuTU4kJ:CsjgPUUiD9jjbfJ37h7k6y58MNNvHQ42

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13911e932a91c548ab0675713c1cad9e_JaffaCakes118

Files

13911e932a91c548ab0675713c1cad9e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b774d11a9d5145fface04702141e3cc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxW

advapi32

GetUserNameW

Sections

.text
Size: 185KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE