42966b526f82e5077c4cae801182b2b2_JaffaCakes118 | Triage

Sharing

General

Target

42966b526f82e5077c4cae801182b2b2_JaffaCakes118
Size

157KB
MD5

42966b526f82e5077c4cae801182b2b2
SHA1

84b86610a88969c85bd7422d7244b5857c6cd91a
SHA256

a703753d51ffcb6b914cba25abfe6e3731a7b12373b536082a8e8ff2d44e33f3
SHA512

cc05e6d84d7453061a49ecd8bed1da912c6d322e9d475c39fbe5a91fa672a2df8ff0715c41f0ac456aaea0090122be919a1f3de092d3df776deb4c7609b2de40
SSDEEP

3072:eIMf2r2Jl8Qe+qS9OhIuMsRGaKi8KnABWkdK/fO+M0xLJHCvOC5EgoBNK:hM+r2/e+X9r3sr85YzLCh5NcNK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42966b526f82e5077c4cae801182b2b2_JaffaCakes118

Files

42966b526f82e5077c4cae801182b2b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t514mn6a
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f7jw6vq7
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wig7in07
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ