097276bfd98bee2397d842ca2d69eda1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

097276bfd98bee2397d842ca2d69eda1_JaffaCakes118
Size

15KB
MD5

097276bfd98bee2397d842ca2d69eda1
SHA1

32c7bd940e1a1c22f9e2eb5324f7198808736ceb
SHA256

562b01e40ddb6b614828ebd56aafc33061ee306fe5899f0b9d3d39d8294e2651
SHA512

ca50bc377018aa448bb207a3c23d52f60979226fa77acabefd8f4cb1468dd16e9b7c88d506b071a7e0f137fad32574bd6b514f2b0a9d7076f5c161157b4262d7
SSDEEP

384:QWzfIXf/Lha8pISGCEznrz22Tju7vvxlL:/wv/Fa/kEzrz22Ta7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097276bfd98bee2397d842ca2d69eda1_JaffaCakes118

Files

097276bfd98bee2397d842ca2d69eda1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b7f61fbd025a8fc1e11bc6e1a931134

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

cygwin1

exit

cyggcc_s-1

_Unwind_Resume

cygstdc++-6

_Znaj

Sections

.MPRESS1
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE