Static task: static1
Behavioral task: behavioral1
Sample: 29cb1de60aa5c47179deb1bad2b40ad1_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 29cb1de60aa5c47179deb1bad2b40ad1_JaffaCakes118
Size: 61KB
MD5: 29cb1de60aa5c47179deb1bad2b40ad1
SHA1: b672b3af521bdffd3356a7746caa8b62b7ca0cbb
SHA256: 659d5ec92ad7033bed3fb135a19fa9a3da1950f5510c5f4d28859e835df19765
SHA512: e736660803f6d9d52bace4533af7cc2f5244bdce8f5438f22c954f846cbc0e486f176afa0777903ce173c686201dd446f8d9e95dc0ca80d49553d85ff6e392a1
SSDEEP: 1536:hvJ6kcejp4JG+0p0t454Kw8G7TTUOI7dC4O4EGPBdl/gvta:RJ6XYSGfZ5XG7TTY7tREQg1a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29cb1de60aa5c47179deb1bad2b40ad1_JaffaCakes118
Files
29cb1de60aa5c47179deb1bad2b40ad1_JaffaCakes118.exe windows:4 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cparbqe. Size: 21B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tf03u7lb Size: 59KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
e5.7j9ct Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ