302a9f43c4122192730a1491f8239e31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

302a9f43c4122192730a1491f8239e31_JaffaCakes118
Size

15KB
MD5

302a9f43c4122192730a1491f8239e31
SHA1

588d1ddf975d28aa19bfc40c9a4c843fa75dfce6
SHA256

b2c91466063e2ad20e7888f36ee2b0c1d707c1003c0c88c8f3ba50dd6828361a
SHA512

a150a01449fd975e669a2f1fac2f32e8b014a62f1fd86164e1067265ac7c120dd8f8871deef7e8fe17fe4efece858f743cfaa843c55dae30eac0e7b42c47e3c6
SSDEEP

192:PXdkqEfopK1JASkHhSOL+kyAHo+bobiinzK33zhzDfvepI0sYdVbHoAir:fdn5uCSk+kyd+ki3tve2VYnjdir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302a9f43c4122192730a1491f8239e31_JaffaCakes118

Files

302a9f43c4122192730a1491f8239e31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a4f0fbe6d40eea1f646e6cda2064d25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

LdsCeSq
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lWG
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AzAxvcr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JTEGmdR
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BSS
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE