4064fc62cee4890ad72ffd61c37917e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4064fc62cee4890ad72ffd61c37917e5_JaffaCakes118
Size

691KB
MD5

4064fc62cee4890ad72ffd61c37917e5
SHA1

1f5e22ef023c50e554b7077473c80229fee65b47
SHA256

7aa3806b03687a140980153c84f3c37ab25ab0af090d2656e3026003757194d5
SHA512

70685c3a0d25d3d3a10f61c7b93270047cdd199873c971e55589f80d881870b999d0a855b04dec21c984e69711cd574514fcc502fb05be796605a8ff21430d0e
SSDEEP

12288:ySjH+a0JLTfAXtDlxSK9EO/mfJ43LfIJ2+PGLqMVd8YpAPE+FQ5DD5:C3TfA9fwqL3UkqMVqYiM+F8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4064fc62cee4890ad72ffd61c37917e5_JaffaCakes118

Files

4064fc62cee4890ad72ffd61c37917e5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6fba080da85e32710b043bb62bef645f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadContext
VirtualProtectEx
FreeLibrary
GetCommandLineA
GetLastError
ExitThread
GetStartupInfoA

user32

PeekMessageW
SendDlgItemMessageW

Exports

Exports

Tbmjype
AddVnpmqxgwu

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA21
Size: 3KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 677KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enoli
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ