d7d11b49bf59d1b0729f371ea099dc9f_JaffaCakes118 | Triage

Sharing

General

Target

d7d11b49bf59d1b0729f371ea099dc9f_JaffaCakes118
Size

312KB
MD5

d7d11b49bf59d1b0729f371ea099dc9f
SHA1

0c79c2e672e942f09008cd9e8cc008fa105f7525
SHA256

9b52078c49b89a3005893b903f86e6cbe56858ac48d6ff4da88df4ca564eb369
SHA512

48a2db43ae5a2ee78d8eb305dcbfc179047a2023bf8318974f1ea072461ff657041d734a505a45ec822ec7eb5c25f2b0f1ba7e4c06403cffbc93b0f8cfbe91ae
SSDEEP

6144:j0Dd6+SD+dYnY9cCxaTVfbtTkyrfX4y2NRxzCOfKKm8V:AM+SD+2n7CxaRbjrfX4yURJm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7d11b49bf59d1b0729f371ea099dc9f_JaffaCakes118

Files

d7d11b49bf59d1b0729f371ea099dc9f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 129KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cbt3v..5
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4ckxinea
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ej8u52rt
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9mq0z.s6
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zqfflqpx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icbt3v.
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE