0587f337a45cbea66c972f61788712d4_JaffaCakes118 | Triage

Sharing

General

Target

0587f337a45cbea66c972f61788712d4_JaffaCakes118
Size

39KB
MD5

0587f337a45cbea66c972f61788712d4
SHA1

8836a694da3361dec4103f6a1e5c2f545f2665c1
SHA256

ff92e776c49dd4bcaf2392923b440caae3b849a2de88d94289dbc9bf4cbed8cb
SHA512

e86abab7b93c67063033dae62d777a80e507f54da52c275b4d675447531b66248f8b21d5b10c7ea837dbbe3198975274064595d2945a6a6b1a54ebb9318ebc02
SSDEEP

768:Qp7rjh8OSGgwA5IOlMew2T78L3fwU+Z8Rhzdbk3BZBuUxFlzykM/bnW7D:QpoGgV5IOl1g3j+Z8/zFk3BuUxL7M/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0587f337a45cbea66c972f61788712d4_JaffaCakes118

Files

0587f337a45cbea66c972f61788712d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74b45482b8568fc020bb903c541ca919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrTrimA

ltfil14n

ord191

ltkrn14n

ord197

Sections

.MPRESS1
Size: 35KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE