adaddf09ee671f505f65535dc259abc7_JaffaCakes118 | Triage

Sharing

General

Target

adaddf09ee671f505f65535dc259abc7_JaffaCakes118
Size

273KB
MD5

adaddf09ee671f505f65535dc259abc7
SHA1

6048d43765e38307845319eae9e3ae96683b634e
SHA256

b71537c70c11651aa8362581a71f7637f5a9e30df43fccb32173b500c5db099d
SHA512

e21580c787ac2d6b172d28a43b039749bcb39ad4802226c578e9fe6f205433bf7d15e6d934e0dda56671c3995d0d9e83cf6e7e8558dd3c99498a0d01838a0e89
SSDEEP

6144:E0VtQB0VL+Wmt6Te9GQmMHOzhHEsGQe5AQAr4wSg5+8Cv5P8wRX:5/1L+W3eEQKhksGN5qrdSgiH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adaddf09ee671f505f65535dc259abc7_JaffaCakes118

Files

adaddf09ee671f505f65535dc259abc7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 133KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdfa1dyq
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7v5o2mn0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

neos0yw0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

e9i.uryp
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uourcwvf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ