5c6db14d3492c213ec2f90c5bb38b9a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c6db14d3492c213ec2f90c5bb38b9a0_JaffaCakes118
Size

37KB
MD5

5c6db14d3492c213ec2f90c5bb38b9a0
SHA1

aa0de14e7ccb641b775caaa5a3737ad737676eb5
SHA256

a12646a2a8173a687a7c98bcbba2d8c4338b82c5ca2b8592c331e0f0c0a0dc61
SHA512

7dbcc85c7d3e76d926763080b1f2c6a2d7881e2707669fbe0c87dac9542042390395d94f750376d196b13cc4a95c0b7c87ada16eaa096ace385334dd8932ac32
SSDEEP

768:9/tCD/IF1dyjPaSLAqNTwk227r1oZtVzJj7Q+SgJpA7DtDw:9lMIxNSnTwk2y5sVzJj78gJpgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c6db14d3492c213ec2f90c5bb38b9a0_JaffaCakes118

Files

5c6db14d3492c213ec2f90c5bb38b9a0_JaffaCakes118
.exe windows:6 windows x86 arch:x86

b09e7ae95b4a05e70f063960d809ac70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

EventWrite

msvcr120_clr0400

exit

mscoree

GetRequestedRuntimeInfo

ole32

CoTaskMemFree

oleaut32

SysAllocString

user32

LoadStringW

Sections

.MPRESS1
Size: 31KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE