JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5 | Triage

Sharing

General

Target

JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5
Size

486KB
MD5

dcd2bdd5a30049bbab9d1d3417dad5f5
SHA1

3cdabe8305153f39f9d4f74ede1c8f191e17508f
SHA256

a69f0afa1f2366e7e4f0fec62edcaa45041da1bc9c29dd59fca50e4f60c7fd58
SHA512

bdaf3abf2af1663af5c4549aa7f07401736acfe4ff229d898d384bfa8be52d4d3cea94968399215f09355d11a754bd833a58f2f0b4b364a041be53169b374dde
SSDEEP

12288:ADM8w+ZVWPRsdi/yQGtoo5D7TDJ1TXFUe9:v8wsYPRsayQzo5jZU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5

Files

JaffaCakes118_dcd2bdd5a30049bbab9d1d3417dad5f5
.exe windows:6 windows x86 arch:x86

63ac7c2799723925dd310860701c20d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

advapi32

GetUserNameA

comctl32

PropertySheet

Sections

.bss
Size: - Virtual size: 236KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 350KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE