060ba1358c40267262661acd5a36ea74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

060ba1358c40267262661acd5a36ea74_JaffaCakes118
Size

123KB
MD5

060ba1358c40267262661acd5a36ea74
SHA1

23e6d11f6fde9c37630d5339b4a3ab883a96a662
SHA256

472b107a62bb50989287d84b7c5fa64ac51d4636032b542dd5d2b82bb2db285a
SHA512

303d5125fb11063bc05f110064b2584741e9dc9077859e4dc43e186ecdbf5cdc94c84393cd6edfada02d5bc19517ddaa8775c0df1067d6bc1fe723fd61aee88c
SSDEEP

3072:N4mXia2Gi1zrz96PJBvobatJ7LBkD+gFdnECcY:Ndwzn9KGb4tbgHnEbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
060ba1358c40267262661acd5a36ea74_JaffaCakes118

Files

060ba1358c40267262661acd5a36ea74_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 114KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE