aa80ddde53b0dac81a80c711d79b27ba_JaffaCakes118 | Triage

Sharing

General

Target

aa80ddde53b0dac81a80c711d79b27ba_JaffaCakes118
Size

253KB
MD5

aa80ddde53b0dac81a80c711d79b27ba
SHA1

fa8588d07e73fcc01348eb4a427d80f2f2231c68
SHA256

bc7a84e172149d88ffe17111edca66f3d25d2d8ed725b3a612761ede479369aa
SHA512

87faaa2f338985fd8f4acea4d918f910a601d319fba266287e5601098e131e1be0ac939c077b3b8c23bbe258fdebf5cb3bf4337a90368eea36925073ba677ae1
SSDEEP

6144:96nVHP6UXGSThTEROsB9988IMKjJ2clMgy4ke1Wn:wnVHpXlNEYsR8YKjcgy4X1Wn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa80ddde53b0dac81a80c711d79b27ba_JaffaCakes118

Files

aa80ddde53b0dac81a80c711d79b27ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ywp6x9s8
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z88lkprw
Size: 247KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nfyrhk8e
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ