08f39d2acabc54e96b0b229c3d4ddc5f_JaffaCakes118 | Triage

Sharing

General

Target

08f39d2acabc54e96b0b229c3d4ddc5f_JaffaCakes118
Size

6KB
MD5

08f39d2acabc54e96b0b229c3d4ddc5f
SHA1

774fa9654c004464e86f3b60871e2e9ec10293b3
SHA256

7886c482462b57f3005dcc95bbfd3ff4f29c46f8fbad5a6fa54882af59623b79
SHA512

048f74ab05282087010169a3235352f07fbc9e1fcd11a49725e6c222f0bbd28123d15b9d39f8a63d5648046926c358ca82c69152398b8b0933697733d7d08347
SSDEEP

96:ny4muz0Eu1GZyIXhUipKjHVcXPneW8NnDfOS6OGX9LFRpquH9cDWDlVcWcfnp3:ffz0Z5ip4H6/NknqnOGt5RpX9yKlGWYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f39d2acabc54e96b0b229c3d4ddc5f_JaffaCakes118

Files

08f39d2acabc54e96b0b229c3d4ddc5f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

496b6552f7bc654827ab0a3c404f2204

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

libpython3.7m

PyList_New

cygwin1

free

Exports

Exports

PyInit_grp

Sections

.MPRESS1
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE