8f69bf18abeb7f6df4399ea9442b81ac_JaffaCakes118 | Triage

Sharing

General

Target

8f69bf18abeb7f6df4399ea9442b81ac_JaffaCakes118
Size

230KB
MD5

8f69bf18abeb7f6df4399ea9442b81ac
SHA1

ad3d2573709166484167deca2275305c345a573d
SHA256

1a36a167bda88e4d6fc041f1485aa6052faad870fc0d4969c6c4df40d023c053
SHA512

4a879875cd543f59d87ff12593eaef8a157b3b87ccb394e9a620aac84b5d784746e9bf2304a9824538f92781411fd4a99e75370fe9268ba49131e9212dad7361
SSDEEP

6144:0JHxEXVvbwEnJl8hB0TTfQLc41dS62os5a7rK2Y96b:WHx6FbtJWhuTqjS8YaXK2Ykb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f69bf18abeb7f6df4399ea9442b81ac_JaffaCakes118

Files

8f69bf18abeb7f6df4399ea9442b81ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 133KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4vl.u41n
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

90o3wh0t
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9e7oc752
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sux3kylc
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l0pc2w46
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ