Static task
static1
Behavioral task
behavioral1
Sample
7b5a2e4f2e4bf78dc99eaf6eb6abf19f_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
7b5a2e4f2e4bf78dc99eaf6eb6abf19f_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
7b5a2e4f2e4bf78dc99eaf6eb6abf19f_JaffaCakes118
-
Size
96KB
-
MD5
7b5a2e4f2e4bf78dc99eaf6eb6abf19f
-
SHA1
f2f89868ce122448ff2a27a025ea1c3dc5913903
-
SHA256
9bdadf10f4fa17d75f54fe0ea5b4464ac099a9f0ac0f0e48880238693cb61db4
-
SHA512
27db491cefa76f382ed9d66cefe0574a11cb0b6a1bc0b95127d2d5a5bc83ad7501278cf21210aa9d7883f3ce5ab043f4e2acac3394213c5b5b52e4ee4e838478
-
SSDEEP
1536:IGtEam3MUS7ijdYGHBunMze27D8PaTF8BYeoEoaNqUyq3U4RM4jiYluD8ssmeocj:I127OOGHBun038PM2YeXonUUWM6FssSq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
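Checks for a missing Authenticode signature; the PE file listed below carries none. An unsigned file is a weak signal on its own and should be weighed together with the other findings in this report.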
resource 7b5a2e4f2e4bf78dc99eaf6eb6abf19f_JaffaCakes118
Files
-
7b5a2e4f2e4bf78dc99eaf6eb6abf19f_JaffaCakes118.exe windows:6 windows x86 arch:x86
7adde798363c9ee5909f34e86f66aa35
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
advapi32
CryptDestroyKey
mfc42
ord825
msvcrt
exit
ntdll
RtlFreeHeap
crypt32
CryptMemFree
user32
LoadStringW
ole32
CoTaskMemFree
oleaut32
SysFreeString
wintrust
WinVerifyTrust
shlwapi
PathCanonicalizeW
mssign32
SignerSign
Sections
.MPRESS1 Size: 88KB - Virtual size: 304KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE