342895f8985bc50d930aba90d9b45ebb_JaffaCakes118 | Triage

Sharing

General

Target

342895f8985bc50d930aba90d9b45ebb_JaffaCakes118
Size

23KB
MD5

342895f8985bc50d930aba90d9b45ebb
SHA1

0438a37266bec1db8319a1f4214522a027c49dd5
SHA256

dca1fb32cfe912c7f86ee7b7c4868a1257f15e26432ea1cd18211b0f83d029f2
SHA512

7a703e3711240ab40f88bff53006466199214178a8fa9bc754073cdf1fbb9e083d473840a9479545e3263c1374d4dbf31ee6c951922c2f4782ceb116d8691088
SSDEEP

384:sTyBXwzWm1ZP7L557OFbZIwCRiA0BUhVLKowvLDycoBEJ9pN7vvxlLzg6+:suBXwzWm1ZP7DOF1I1L0p3Xnz7pN7Dn+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
342895f8985bc50d930aba90d9b45ebb_JaffaCakes118

Files

342895f8985bc50d930aba90d9b45ebb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 16KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE