3f1b450bd46c3b52039596eea26eadd4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f1b450bd46c3b52039596eea26eadd4_JaffaCakes118
Size

80KB
MD5

3f1b450bd46c3b52039596eea26eadd4
SHA1

b586eb2cf62aa1623fe36af074f18ebd123eb65b
SHA256

ef7478685b9830309a6906ae8376292eec27b5dcc6a0b20fded4f3752bbc7c3e
SHA512

d6b3174d989807ab5d07adb4c620d40b76321e57c793b65b609a35110e962ac80a3100ccde20b09ec6e3998314ae9f75216b1734e69eded7cb99f7a34353a971
SSDEEP

1536:Ia6zq6Sy68Z/o5qpJgqMW7RQv/O+3jCbIf0fA+/EVfnddUG4:Ia6zLVZ/r5NQJ3jC/I4Ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f1b450bd46c3b52039596eea26eadd4_JaffaCakes118

Files

3f1b450bd46c3b52039596eea26eadd4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b2269383052d134f328fb37e80ed218

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

PathAppendW

shell32

ShellExecuteExW

user32

GetMessageW

Sections

.MPRESS1
Size: 43KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE