336defb6eeb1c22f3381148f7b0ede93_JaffaCakes118 | Triage

Sharing

General

Target

336defb6eeb1c22f3381148f7b0ede93_JaffaCakes118
Size

118KB
MD5

336defb6eeb1c22f3381148f7b0ede93
SHA1

4b44983280beaf07d27a6af22da4034dc8884017
SHA256

7e517a518953cf8419bd776d0ce21047f9d8531dccfc48f83c07cad1caaabb52
SHA512

255861a3c7437f28b640638e7c92fb6debdbb933ede6a5ec8c35dec1f6c2563a8152aabd85a33f9da8c5d523a8da7d39bdb77b7962f0b34ebb9ca377a2f5c893
SSDEEP

3072:6C2djFLU4Ebl+1xG/5jqN/rEcp69mDxUDXLOV+:6tEY18/pW4cp69GxgXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
336defb6eeb1c22f3381148f7b0ede93_JaffaCakes118

Files

336defb6eeb1c22f3381148f7b0ede93_JaffaCakes118
.exe windows:6 windows x86 arch:x86

02cd78dddd046b6256508edd4ea8d5bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

nss3

SGN_End

wsock32

ntohl

advapi32

CryptHashData

crypt32

CryptQueryObject

Sections

.MPRESS1
Size: 113KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE