Static task: static1
Behavioral task: behavioral1
Sample: 559b94a546cc5d78fcccb981cb3f7f91_JaffaCakes118.exe
Resource: win7-20240419-en
General
Target: 559b94a546cc5d78fcccb981cb3f7f91_JaffaCakes118
Size: 132KB
MD5: 559b94a546cc5d78fcccb981cb3f7f91
SHA1: 916ea070c175ccbded241741e9b43d1cfc6c86b1
SHA256: 366ceaeb462097e2b7307c946a7db61915eeede5ed01653de86d18eb827b1fd4
SHA512: a38052c1aaeb9df89aad0d889df6889c4fd8ac75decf5de6c1100a53a2fbd0da327c6a61a137c96c46dae4d913b75b935fb0afd26221b706eb8ee056a7794caa
SSDEEP: 1536:i3jjwvgzuv/qmOZlzfm70X9DwPbtfqY6gw6d2qOYgd1TZfM8381yhzKfRLqznDyX:ajjw/v/E/KYwlVd2kgbNy14zDM0XL6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 559b94a546cc5d78fcccb981cb3f7f91_JaffaCakes118
Files
559b94a546cc5d78fcccb981cb3f7f91_JaffaCakes118.exe windows:6 windows x86 arch:x86
f52d51784b8d5d2d0bfdd3520b0c0a60
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
esent
JetCloseTable
kernel32
GetUserDefaultLocaleName
lstrcmpW
GetCommandLineW
user32
IsWindow
SetCaretPos
GetScrollPos
GetClipboardOwner
GetKeyState
SetCapture
Sections
sijJ Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.mr Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CONST Size: 92KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
J Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ