3793728c3274787ae9469f7cf52cf981_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3793728c3274787ae9469f7cf52cf981_JaffaCakes118
Size

301KB
MD5

3793728c3274787ae9469f7cf52cf981
SHA1

530ee5e0e3285e68dd4eb874fe7042cd8b5f47c8
SHA256

b0c8b173964f03ed5aebf0935382e7dc06f6ad1e2b6c3dfeaca5827e47747826
SHA512

b13621071a09ca7c9ff2d511185539906725e8e69bfd43db05e7db874265091f5b06467db50bf89273b7a4ff1002fdb6cc7f6f0281c6019c730cca37e646b23f
SSDEEP

6144:gEVkCmuuy2ZDyBf5idmQM7rf/B8Gi2p2mrG3rhulruYpd7:JVkWXqUf5id3Mnf/BHrG3rapN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3793728c3274787ae9469f7cf52cf981_JaffaCakes118

Files

3793728c3274787ae9469f7cf52cf981_JaffaCakes118
.exe windows:6 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 277KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE