424ef53f7a725d43103ab7a9104a2053_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

424ef53f7a725d43103ab7a9104a2053_JaffaCakes118
Size

77KB
MD5

424ef53f7a725d43103ab7a9104a2053
SHA1

6b6ded486edce19399dbdbd551e4cb536f2cc917
SHA256

1ef842abe2f9585f6d10154c3723e0642978f1624eca3ac043c57f9aa7b4d0bd
SHA512

4a3b3d2d0251d5c002d7e2299ab4fb8b1866bff40347281850825cbe914bbafba2bd7714c758f3052d48a471cc401f490160890ddc3965c0df0cf6a990fc5f83
SSDEEP

1536:96kfH0ZPt4D1ITdGRX+sF0jr8IYXGgxvhz5MXxeIaEibsQAx3s:lfqVuF0UX7xvJ0xTOsI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
424ef53f7a725d43103ab7a9104a2053_JaffaCakes118

Files

424ef53f7a725d43103ab7a9104a2053_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15f52aab428a3e4429388533cde5ae74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentProcess
OpenFileMappingA
VirtualProtectEx
ExitProcess

user32

CharUpperA
CheckMenuItem
EmptyClipboard
DeferWindowPos

Exports

Exports

BeginHtutligrof
Npmtgqlf
Mwwtkttpsc
SetWufypjbemhy

Sections

.itext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lmi2l1
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lmi1l1
Size: 69KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ