8c55829d0b2edebd32910437a7e9e9da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c55829d0b2edebd32910437a7e9e9da_JaffaCakes118
Size

54KB
MD5

8c55829d0b2edebd32910437a7e9e9da
SHA1

3bffcd08d5f316e5c6b6fb35a56db2489752efbd
SHA256

449475c56f99dd255ba38d78c0d965eda135d9444d2789020b98604ee2d34614
SHA512

7283b677718235e0de13c657de938cc6885f77d3a33d6bdbdbd1ede1d4be231e9aa2178dbb379867a8a3d6280aa3f1930ecc61674af419b83a86faf3a53191fa
SSDEEP

768:psaxYuzIau2TesUZZJsBcdelW6Mh8RriGyQMaAgo7DDrbFfHcP9T4A4:6gYsxTUPHe+h8xzAZBfHYTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c55829d0b2edebd32910437a7e9e9da_JaffaCakes118

Files

8c55829d0b2edebd32910437a7e9e9da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

892f4e252f2ad0ad5aba2a6c1366e836

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrIW

Sections

.MPRESS1
Size: 29KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE