31a87b294d3351a5b980b8c5694ac04b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31a87b294d3351a5b980b8c5694ac04b_JaffaCakes118
Size

18KB
MD5

31a87b294d3351a5b980b8c5694ac04b
SHA1

ea0399cef1dc85027b9af8e2219e927a44ee4d26
SHA256

1e04b58d0bb6d9dc8503f8d38f0470dddf0f42f818a9d27bcc1c822fddebc2f2
SHA512

b6514bec9f9925b4ab6dd8974bb9e9518a6b7b3b11a8dea954127e8c51da23881a0b0cf4aa9446c5fcba8d09a642871b96f9b204d9009d8d55fd65985b053210
SSDEEP

384:RaWKa1aAbV9aze0WxuDmkFI4piBIjtuQ05X7vvxlLACW:RBaAbX4e9xw8BYy7D3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31a87b294d3351a5b980b8c5694ac04b_JaffaCakes118

Files

31a87b294d3351a5b980b8c5694ac04b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5454963edd6661670f53e8aa75916f9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msys-intl-8

libintl_gettext

msys-2.0

dup2

msys-gcc_s-1

__register_frame_info

Sections

.MPRESS1
Size: 13KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE