0091791a0329892f610cee88f5386967_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0091791a0329892f610cee88f5386967_JaffaCakes118
Size

4KB
MD5

0091791a0329892f610cee88f5386967
SHA1

2f17300303fc125a8f40d2e0e951b1731417d9a4
SHA256

3e810a143d05705b44c85f22098770866a6f81911e5baef1b0960327db9b109d
SHA512

eeb5009a2206c21519a23ba918ad0556e5197e704a3dbae3ce8f56276b782ac83a5ba714cf6b24436bcf280a88a69662bd5670861b95051c1503059dbebcecad
SSDEEP

96:0vTlXtw1+Xcfnp3PvRKMbavGfsPWxPRtZpWpY:0bldw0XYpfv0Bef2Wl3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0091791a0329892f610cee88f5386967_JaffaCakes118

Files

0091791a0329892f610cee88f5386967_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f746d03d7533b4f94f42b006c9534fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msdxm.ocx

RunDllW

Sections

.MPRESS1
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE