42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118 | Triage

Sharing

General

Target

42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118
Size

121KB
MD5

42a6d9a03fdf37d6bc1162fbdeff11fb
SHA1

b84ff9464e1a8a3a7b853de6cae77c91365e5229
SHA256

dd9ee0dcc1af9e162ff78f355ced50ea9b9f0dba96b2d4c0d175dd3fdc404c7d
SHA512

a4253cb2b6c5534b639693f17327b01d656d19971d805426f52cdd8b40f6af9909661a45dcded0466628e9f65d6c90b0592e2de18676ce3ba45ddb32e68653b9
SSDEEP

3072:ap9nZw4dPqQo/hljdaNqciP6FS7LA4tLICXgfpEZ:arnXdyQo8qcYnA4tICipe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118

Files

42a6d9a03fdf37d6bc1162fbdeff11fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

871f566131c40f544851d687e3ef38f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA

user32

MessageBoxA

Sections

Size: 80KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SoftComp
Size: 904B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 249B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE