276e7b74233eb35b818ad91ebee583fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

276e7b74233eb35b818ad91ebee583fe_JaffaCakes118
Size

346KB
MD5

276e7b74233eb35b818ad91ebee583fe
SHA1

f786d4de894ef647c548c931a3aa11c9291498d5
SHA256

49c5b1395cadb06c392256ff56c9275a4a963fddc57748c0d247b49d78287bcf
SHA512

b7b5ec74dc635664e5f698b18245da3ff878d62f2ed491ba4fd2939adbe5c0273c8087e9c05df8a18e4b7aabbc95c2d93bef3e71e29d2e7ec056c28c8f817d7e
SSDEEP

6144:B4Z3zpNhctYXgC5u5D57AMzH9maAIHf7jAVPoCIn3elTodhJ+nUwuz:gDpN2tCDMcCMaAaffuoCIFJ+nsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276e7b74233eb35b818ad91ebee583fe_JaffaCakes118

Files

276e7b74233eb35b818ad91ebee583fe_JaffaCakes118
.exe windows:6 windows x86 arch:x86

4a63d8bb569b1094ebd789d7d531d4c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

SetEntriesInAclW

shell32

CommandLineToArgvW

Sections

.MPRESS1
Size: 247KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE