141af9023f00ef1d39c02604c68f5b40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

141af9023f00ef1d39c02604c68f5b40_JaffaCakes118
Size

822KB
MD5

141af9023f00ef1d39c02604c68f5b40
SHA1

73f425dc80385692c38fe4a6497237aab85aed73
SHA256

0ebf882234fe8c82f7f64dafe840bce18790e55d1de31bd0efc31f5ef238d130
SHA512

c421413227a1176c9e909b31a47a7f9644716fe08f44234b9a959a6d30f840894025577392ed5f05507ff2a8fb534fdf4478e010862f944164596bdf4855d7e2
SSDEEP

24576:rr+4jRx7SNxbsODb6/a0yPFwhZ6YROZUC:rJ1VSNx4qb6/ahFwh2Zd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
141af9023f00ef1d39c02604c68f5b40_JaffaCakes118

Files

141af9023f00ef1d39c02604c68f5b40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99f5b0b723d6fca2813f516623081e1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
GetLastError
CreateMutexA
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ