8bcb753f42b23dc7ca832ba9968bb401_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bcb753f42b23dc7ca832ba9968bb401_JaffaCakes118
Size

9KB
MD5

8bcb753f42b23dc7ca832ba9968bb401
SHA1

d4d1782569a87d2eea63beecf739ec06f601a209
SHA256

08582417401d3f2659f054683c4bca7de0595269b3f1062b26a572fd747186bf
SHA512

c8745d63d641c901b529903aea0bd8b90dee87efb8671cf9d0abc5bc5168d78e4b6c0d6b488ec3fb5f96880038983d8084576efd420c0820b0a3f3f8174c1f4d
SSDEEP

192:8okTt4pThFuQSX6q0hGgTX8TGTr6YpCWSYgjWjk:8nIPuQSKthTTX8iiYpCWSdjW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bcb753f42b23dc7ca832ba9968bb401_JaffaCakes118

Files

8bcb753f42b23dc7ca832ba9968bb401_JaffaCakes118
.exe windows:10 windows x86 arch:x86

7af4297ca1106ee65d6d96075e6aebd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

ulib

??1PATH@@UAE@XZ

ifsutil

?DosDriveNameToNtDriveName@IFS_SYSTEM@@SGEPBVWSTRING@@PAV2@@Z

ntdll

NtClose

Sections

.MPRESS1
Size: 5KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE