JaffaCakes118_b878794e1fc3caa16b0d824571d56b61 | Triage

Sharing

General

Target

JaffaCakes118_b878794e1fc3caa16b0d824571d56b61
Size

196KB
MD5

b878794e1fc3caa16b0d824571d56b61
SHA1

c74df96505942917f043020af20a3936f02ec073
SHA256

ecdbe16467afa58e98b571c9ff3b409cd6636dc1a9a7fed769a6fa6c1cad4eac
SHA512

52426c048faa066f9b58ce56fcdc764535f1f2982e42e3683bea7cd3fd6a180a58078f6c113ded0e6d1141b8150669c05a13ebd9a0e3132ad96f196dca4a3554
SSDEEP

3072:Mu7ljz+tjKao5jjuB+gudGQ4fWYTgHDYz3W130DFj73QyxhpZfzkC:F8maocdMGQ4ftEHD/yFjk+pq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b878794e1fc3caa16b0d824571d56b61

Files

JaffaCakes118_b878794e1fc3caa16b0d824571d56b61
.exe windows:5 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 134KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l37ra4zb
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7i.n5m4r
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5psrejmv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ