Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_42642a19441d25df8017b4e6750bf288.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_42642a19441d25df8017b4e6750bf288
Size: 94KB
MD5: 42642a19441d25df8017b4e6750bf288
SHA1: 04f1142cb8a897fcda22c6a45ae205f986c4f74f
SHA256: 18268d9797c69b3eff091425601eecc463a962c779b2b0a7ea7f2db4ff02ada3
SHA512: af41566b004393a4395ff6ec992097b622d71d91da6c40e096b238c49159806a504c54c1389fbd1fee1327292ba8e44a3155950077443dff0ced0fa4cb3b90be
SSDEEP: 768:0EzQE2+b7B1T4t7vI2NiN+U4ZmTX7CaKf+ibj55VTQ1RBkMoas0Qz3FGnuYoEq:0235b7vkmVN+1e3c+ibV561RBhoB1Eq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_42642a19441d25df8017b4e6750bf288
Files
JaffaCakes118_42642a19441d25df8017b4e6750bf288.exe windows:4 windows x86 arch:x86
2a37aab13b28bd4b2d1cf6aef5c561f8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
LoadLibraryA
GetProcAddress
user32
DispatchMessageA
TranslateMessage
GetMessageA
Sections
.text Size: 1024B - Virtual size: 942B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 314B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iehdfhp Size: - Virtual size: 80KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE