5684cf68bd9b8c5d8dfea0f0123d6658_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5684cf68bd9b8c5d8dfea0f0123d6658_JaffaCakes118
Size

33KB
MD5

5684cf68bd9b8c5d8dfea0f0123d6658
SHA1

7c90f4906674888ba9478784371ef2ac722b85b9
SHA256

6dab42ae264de128fa48f2812295c5907616a44ed99d8a406b6e1c0165750f5e
SHA512

1e976c63182db11d5b9247ef6ace232c8ffb171321d2d5366a6607ee71731adabdc3b6334c8967430cdeb71f454402a0e4f4965dbe585f0b09876442eabcce1a
SSDEEP

768:VEXgLvTE74WhaqjnGR79Qo4eKZmwzHWE40/1sMNogiYzV:YgTI74W9Qx2lZmo2E4lMNli+V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5684cf68bd9b8c5d8dfea0f0123d6658_JaffaCakes118

Files

5684cf68bd9b8c5d8dfea0f0123d6658_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b53111289970b6ed293d11821bf12271

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
FindNextFileA
FindFirstFileA
FindClose
IsBadReadPtr
VirtualFree
VirtualAlloc
GetModuleHandleA
GetProcessHeap
GetCommandLineA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 546B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 542B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cWkOQ
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j6yyH
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ