fd956a8538af9fe59ea06f747ddbc49f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd956a8538af9fe59ea06f747ddbc49f_JaffaCakes118
Size

255KB
MD5

fd956a8538af9fe59ea06f747ddbc49f
SHA1

3bd81b11597886fbc87abb407e09fc0b2308aee5
SHA256

c112df99804f1e87e88244ca8e65d0cb6fd1a97030929219a6877b5ab5ad2c13
SHA512

3ea830e9f0385231332c883acf503e784f1d45a6cec2baf8d8a59c4f6033e4e7a429fd955e04d63c2bbd37f47d10828984b9b6a22805dbb15472e7aa44e15980
SSDEEP

6144:zdXo2fGuqMgOMAOJB9RUIBR/Amj854B/0Y:ZXo2fsMg+OHXUITAmjI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd956a8538af9fe59ea06f747ddbc49f_JaffaCakes118

Files

fd956a8538af9fe59ea06f747ddbc49f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 143KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

md1w74rt
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qzn4i51s
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j9u1jbmb
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x98gg72w
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f92dexx7
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE