23611866f4dce9e14d1733fba12a69b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23611866f4dce9e14d1733fba12a69b3_JaffaCakes118
Size

10KB
MD5

23611866f4dce9e14d1733fba12a69b3
SHA1

e50469494789b9db7c3a5d6b0ab843acb679aad6
SHA256

2d56cfd2c789bc69d8629c8af6e656644350397e4f95743d0bf979b8a73e70d4
SHA512

34a4798cd0f87a090b10e8e61920cbc272a96ca5a12fb77382f2c76cbd908da37ad1c131f28883d8d39ce76c708fbad6f8ec09152a1b1d186c86a550e8f979bc
SSDEEP

192:USfqGOHLtz8H9xmdRNAFVxw4MHEI0OoTbvpXhgFdOYlXRqoWYpM:UPGOiHDzFVxdMJ10bxxgFd3XROYpM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23611866f4dce9e14d1733fba12a69b3_JaffaCakes118

Files

23611866f4dce9e14d1733fba12a69b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4aa10f9dea461e625ba08a9746ff6bb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

cygwin1

exit

cygintl-3

libintl_gettext

Sections

.MPRESS1
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 907B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE