17fee6b009fdd1e281b0df3ae3e219ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17fee6b009fdd1e281b0df3ae3e219ed_JaffaCakes118
Size

761KB
MD5

17fee6b009fdd1e281b0df3ae3e219ed
SHA1

0a94e8af1b4bd146ab9003a4073bffc792aacf05
SHA256

80265eaf6f11a35fafd8d089419eb5b1b031d1b65957f92e7d8c7eac20e79c1e
SHA512

fb4f45d2dac3ccc566aeb6036ee38850110e9673e900f4cedd47058369783b5fcecae57195dd07316a8b8d497aa8f77caf9409896edb3360c8248fe4f5e3b6c7
SSDEEP

12288:1cv9Sd7BstNtvErRHyBzHLTMDHW9keyA9PZWKlZFZCsMSimA6dzrXgSmQAnZ5kO0:1cvPtvMQrs299yA9YK1Z1MGA4zrfY8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17fee6b009fdd1e281b0df3ae3e219ed_JaffaCakes118

Files

17fee6b009fdd1e281b0df3ae3e219ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

372cb1afc2a93c932bf474b9fcb8cb7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 380KB - Virtual size: 828KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asprsc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ