1681779fb6a41cbf4959fd9bae1e955e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1681779fb6a41cbf4959fd9bae1e955e_JaffaCakes118
Size

379KB
MD5

1681779fb6a41cbf4959fd9bae1e955e
SHA1

1a8714c351cfe9ada825cc1ae47c620cc19870b7
SHA256

6e0908ed518475af4f6b764c8773e4f11803edde29d07f8c857babc599cd2ee1
SHA512

996c0459b13a80d05e9f67db1322beae9d5c43c7f8973baf55b790c0b00e680d9e0e20c73f98af04d2abfba44beda9c07972c6e06da677d256397fe3e375541e
SSDEEP

6144:aec9z5O9sV1yZ+wiKPIrvXze7BapCK5d3klRzULOnWyjLsPhAQzsk4:aBz5vXze4pdd3klnnWosPhnzsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1681779fb6a41cbf4959fd9bae1e955e_JaffaCakes118

Files

1681779fb6a41cbf4959fd9bae1e955e_JaffaCakes118
.exe windows:10 windows x86 arch:x86

c420e0c60858c916f1437616761b6e49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

atl

ord30

oleaut32

SysAllocString

advapi32

RegCloseKey

ole32

CoInitialize

user32

LoadStringW

mscoree

CorBindToRuntimeEx

Sections

.MPRESS1
Size: 24KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE