3f443457c42e7eeccd2697f5d3889eef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f443457c42e7eeccd2697f5d3889eef_JaffaCakes118
Size

454KB
MD5

3f443457c42e7eeccd2697f5d3889eef
SHA1

0a15bc431851d10e7bbfbd3063402003440027bf
SHA256

c93f6d5a5b2bcddd47df663e3bebd83287453644117d615028c52a63fa68d659
SHA512

b8f854f76f82bf500f4e588879bd7b3c74513f61ba37ac62947c8dcbc2cc3eb7d973fe24259d4fa6f6b93d50fffaf3f93df859ded2e8db8d8fada4c7b368902e
SSDEEP

12288:yizCC5I32d++s4TRcooSh68BeDQ2cHTOxdL5Y:PCx32AUeWBeUYxf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f443457c42e7eeccd2697f5d3889eef_JaffaCakes118

Files

3f443457c42e7eeccd2697f5d3889eef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd8de569d5a269d9c160d170da3807da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

wsprintfA
MessageBoxA

Sections

.text
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

choujin0
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

choujin1
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ