JaffaCakes118_28a55957354bdb37eaa7dff333d74ef2 | Triage

Sharing

General

Target

JaffaCakes118_28a55957354bdb37eaa7dff333d74ef2
Size

156KB
MD5

28a55957354bdb37eaa7dff333d74ef2
SHA1

b0919f10770d453c4c6b2c5bb0a8f232a698abe7
SHA256

03c819aefb5839a29d3e7cc7d6873e6567a6f6fc5838d9ecc0148888a9a25c5e
SHA512

4e23d901916e5f580a78194a3eb76b02a16c9df9cb46b62af6a99adc85dce80d4c4ebc15f9f4a93b33166922d09507c8514c985cea96a2d71b7b5bc60bd6f79e
SSDEEP

3072:golhK8sqT6MM6MMMMMMMMM2kxYJ+ipeq1u4oTsZlgghZ+SlnopAqcKzkAwLNe54/:gondu4ogr7+KopAqc68HvsK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_28a55957354bdb37eaa7dff333d74ef2

Files

JaffaCakes118_28a55957354bdb37eaa7dff333d74ef2
.exe windows:4 windows x86 arch:x86

c3841d4b633b07dfe8f1410bf3e14fc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
Module32First
CreateToolhelp32Snapshot
SetErrorMode
OutputDebugStringA
ExitProcess
SizeofResource
LoadResource
FindResourceA

user32

EndDialog
DialogBoxParamA
MessageBoxA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ