86b8ddbb57ff65d89a2cd3134a4a604f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86b8ddbb57ff65d89a2cd3134a4a604f_JaffaCakes118
Size

223KB
MD5

86b8ddbb57ff65d89a2cd3134a4a604f
SHA1

ada9ae29af1dd50647ae5907eee26fe150ee9649
SHA256

f9e7a34b7538950379cd17518d6461525b17fbddcd6f3a7071eeb333fc81f403
SHA512

be4d6aba410e94a437b6e820d2f9abb96e02433229b62f8321eb1a26c12e4aa00f0722367e40f3d6704b71870462bf1e04953a48e451b398ef6ea4c1099039fb
SSDEEP

6144:v8Aof0tnPOMPYZpFl5nuIBKZT/yatMC9QTynyvY3nYv1no:UqVPYPFjnBKZOBC9Iasn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86b8ddbb57ff65d89a2cd3134a4a604f_JaffaCakes118

Files

86b8ddbb57ff65d89a2cd3134a4a604f_JaffaCakes118
.exe windows:6 windows x86 arch:x86

5cf3b12a258332829e4ff8b959be9676

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoInitialize

shlwapi

SHCreateStreamOnFileA

Sections

.MPRESS1
Size: 218KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE