9f442fbd0d524ace9f540c38751d7c2e_JaffaCakes118 | Triage

Sharing

General

Target

9f442fbd0d524ace9f540c38751d7c2e_JaffaCakes118
Size

246KB
MD5

9f442fbd0d524ace9f540c38751d7c2e
SHA1

fc0a7dc9421d8817c47d0c279d2b11801f95733a
SHA256

15340ef62f68faa89580da965333eade30a56dd50ec961089801e3e56ab7c333
SHA512

0ca1c52eb1fb0532456354c7fd2a8b6e2cb90276c5e61d211be1d37cb21a1ee1613f6e0bfeac8562b9ef2d1ed27cf01b2c761d3d779e259a562a13b2c23ad9b5
SSDEEP

6144:LqRWEzuXcpYMtVLq47Sduit/QX9gvw0IgXn:+R3zuX0VORtYNgIOXn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f442fbd0d524ace9f540c38751d7c2e_JaffaCakes118

Files

9f442fbd0d524ace9f540c38751d7c2e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 129KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oeyk17g7
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9u2z1y6d
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ke597t2f
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

d.l.3vpx
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3spx9sji
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ