0155144a047e58dd6b42d2478bb9aedf_JaffaCakes118 | Triage

Sharing

General

Target

0155144a047e58dd6b42d2478bb9aedf_JaffaCakes118
Size

4KB
MD5

0155144a047e58dd6b42d2478bb9aedf
SHA1

72b6ad2f614827ee73ea6643ede33a638a1d80e0
SHA256

f3fe2357c634b585480e06b9927512e672d6953ccda0a76c212aa6f52b8b38d8
SHA512

080c2ae9f92f90c3fcd58ce67e82c0903aedb395f7336b09292be1a8a9e49779de4a1bc6913bd470ea378e84b07da8c004e2f2b1bb03386e253be71cd76551ff
SSDEEP

96:jq6CRPnvT3hzDh8+vDubQ0783WnBLxvCEJ/x/HEkMH62XiHBaGPcfnp3:e/RPbJDh8+vabQMHNZhHIwfPYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0155144a047e58dd6b42d2478bb9aedf_JaffaCakes118

Files

0155144a047e58dd6b42d2478bb9aedf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdd96a3954e8210220b914894aefc82f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

cygwin1

exit

cyggcc_s-1

__register_frame_info

Sections

.MPRESS1
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE