11760f3284a5f433dbef1f977866e54a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11760f3284a5f433dbef1f977866e54a_JaffaCakes118
Size

12KB
MD5

11760f3284a5f433dbef1f977866e54a
SHA1

c3d15cb1ea2671d22592901c6fe5371132c76320
SHA256

9045ecc4bcd9b32c3d2ee70a899d1cd2b6dc1babb46a8a25b3ad810721ae4f8d
SHA512

8430a4a9e64d8aad4014d5f6497fb108d1c9800aa9f09b6bc59445ba17e1e1362d25ca698377e9b62ff7591a3c8d49c322bca1fa71ec6e07f43a8554296353d7
SSDEEP

192:6Si60YGc+2BLKL1pp4C+cc4+7JF3H1OMfbc2OLJzmadY8+sLYq+0UGkIRYp:6hDRGtqpxcNNUMfbi4Qsz1GkIRYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11760f3284a5f433dbef1f977866e54a_JaffaCakes118

Files

11760f3284a5f433dbef1f977866e54a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c6389968f114e66feff684dd3f3dbedd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetMessageW

vcruntime140d

memset

ucrtbased

exit

Sections

.MPRESS1
Size: 10KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 957B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE