2da6db8b7653e343cd94b4578a71cc0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2da6db8b7653e343cd94b4578a71cc0c_JaffaCakes118
Size

196KB
MD5

2da6db8b7653e343cd94b4578a71cc0c
SHA1

303e782f188ff19327c04bb7b36e6835d61fef28
SHA256

af46ab19bb630d26cae5ee113d26984f5059fbe261a851ff62d3490ee4196b3a
SHA512

86efbabc5f374c6f68b01a0a3b07ca16b80e18aa5c01095796a20e88d7b97b6f1f1d412a0e2b98304664c9d8581bb571b70e88d6cd410fec8ea7818388b3fbb8
SSDEEP

3072:vNdfaiLV9mIx5TyfRJfr1E8VfGcfORr9BRilF3jDU7/hjrxIOCJ38hgz:FdiaTyfRnE8NGcfOdRIjYJPx0shgz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da6db8b7653e343cd94b4578a71cc0c_JaffaCakes118

Files

2da6db8b7653e343cd94b4578a71cc0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.rsrc
Size: 19KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

wcx03gwh
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7tcw8sp6
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qptgodmr
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qq5alkrv
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1ytxclxu
Size: 176KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE