02b289f8718754f7e8fe4c6d4363e4ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02b289f8718754f7e8fe4c6d4363e4ac_JaffaCakes118
Size

86KB
MD5

02b289f8718754f7e8fe4c6d4363e4ac
SHA1

7d98f4c46fafeebaedccfbf1969de3e5a1b196b9
SHA256

99e17b95529101c94879672cabc44cb318188d2c85e10c2449fba2138cf9e7ca
SHA512

957e03ca339ccd2493d458bc975609a83f155820476f985ce333383863ffb3af72b640dd8d34e1797870047a9a4615964ba2c2d677cd5df36344c3971ca35708
SSDEEP

1536:0RBi7NTgXQ/sbhC/ac5s6RGXLlOOoLw9MWg/6kQCHbI/t4JS+nomYVWkYZcuOzPC:N7p2hS9sq36TfyS+e2Zctz72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b289f8718754f7e8fe4c6d4363e4ac_JaffaCakes118

Files

02b289f8718754f7e8fe4c6d4363e4ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e40199fc9b035ff707ab91901dbd259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

cygwin1

dup

winmm

waveOutClose

Sections

.MPRESS1
Size: 82KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE