9747ac3ca2a187bb5fc522a27672c2b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9747ac3ca2a187bb5fc522a27672c2b8_JaffaCakes118
Size

8KB
MD5

9747ac3ca2a187bb5fc522a27672c2b8
SHA1

0a9c072bdd758534547712a3df4ccc8c13615e17
SHA256

c5130c0962bf3391785e59950bd5132ff805667634a2140953c3d101f775932b
SHA512

7cc499dd498ecc26571c8437bd2a579f664dd8a0613f181b11ac43ac1c3277756d627656c5deaf664fc7a4b9877374f3cc35a740d8696c8b14484c0ecbe89a99
SSDEEP

192:d7ZWErK+TBaCYrcD2DiGVUkU0yzT9T6HzhwrhWYp:VZ5ToTpDRykUXzxUZYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9747ac3ca2a187bb5fc522a27672c2b8_JaffaCakes118

Files

9747ac3ca2a187bb5fc522a27672c2b8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d7a1045bd15c251b25f680fa235820a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

libpython3.7m

PyDict_New

cygwin1

free

Exports

Exports

PyInit_select

Sections

.MPRESS1
Size: 7KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 1018B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE