d835c39082e0e5de09ff092a3d5a1e0a_JaffaCakes118 | Triage

Sharing

General

Target

d835c39082e0e5de09ff092a3d5a1e0a_JaffaCakes118
Size

541KB
MD5

d835c39082e0e5de09ff092a3d5a1e0a
SHA1

9f515a5293a37e5b90342ef7b660fa5dee2d9518
SHA256

0a43127615cb75db69dfbf202e22d33e7aced03c236a9dcc948ae3dd18fa8626
SHA512

a5d17a922013c2df001dbdaccba49fb1a70aa2d711d2f695dabd6d31759eee35b579b02e4930367c6216d2da94c2cea75d0c63e3a6f2eaddf2823f2f5ec482f6
SSDEEP

12288:YaNqMd0QZh9uEK/5P/EiKrbVVE2VihK/BBHY9sbzHLK:YED0QZh9ur4fc2Vik/Bl5zrK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d835c39082e0e5de09ff092a3d5a1e0a_JaffaCakes118

Files

d835c39082e0e5de09ff092a3d5a1e0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

9ndwic9a
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

suwlgu8w
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

czuf.uf4
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g8878mpd
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9o.1w.zo
Size: 32B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ