21cc2a7f7296429bfcbd7c5f7622bf31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21cc2a7f7296429bfcbd7c5f7622bf31_JaffaCakes118
Size

88KB
MD5

21cc2a7f7296429bfcbd7c5f7622bf31
SHA1

0b47479d243a91ebb9d5679fd053a5bf4ef26776
SHA256

5f1e247c16a04e1e2596a144deabb593ca6b9eb228837ec278fff4e15a7d6aba
SHA512

9af5f4ef9adf3e3d89de1905d6b69aab06bd6ab21f388b57498169e2e33153277b6bc6f0933dfa24b4c479a51447124729992538616d69ab7c146e237ef7f64f
SSDEEP

1536:AGiDshjqtDxoflSU0Jb5ylryoASXoS/kl+GxX0EMByeIbdbY:ABDsgP6Y1JbklxT7G+NEb9Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21cc2a7f7296429bfcbd7c5f7622bf31_JaffaCakes118

Files

21cc2a7f7296429bfcbd7c5f7622bf31_JaffaCakes118
.exe windows:5 windows x86 arch:x86

80cb44c841340c200ede9fffc0881355

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

fannfloatd

_fann_destroy@4

msvcp100d

?_BADOFF@std@@3_JB

msvcr100d

_dup

Sections

.MPRESS1
Size: 83KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE