97edbbab12e160b1a308710074b9fc03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97edbbab12e160b1a308710074b9fc03_JaffaCakes118
Size

256KB
MD5

97edbbab12e160b1a308710074b9fc03
SHA1

35b9b07f72d7ff1599ffef555bcf6becf3c5a5c6
SHA256

ed15ac067d44b5fee0e869ebfbb19f77562d0f6a82afe7f0a069a260535c0cec
SHA512

df01f71cc2744e7b4eddc7a8b2356fc5af3361e43ed112f56a658ab145a3c0d6e4dcf620b9a8c08e071af31e19d7965c50280bb6e99c57767a528ede4fe1b0b6
SSDEEP

6144:wGkVcTRoslqS+sDRJFf2jxm+94hFQH7gHJNMwqiRUCx34A:rBqS+stWdGhFQsHJNMoN3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97edbbab12e160b1a308710074b9fc03_JaffaCakes118

Files

97edbbab12e160b1a308710074b9fc03_JaffaCakes118
.exe windows:6 windows x86 arch:x86

dc224752911e71b79571815cee2a102c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

advapi32

CryptGenKey

ole32

CoCreateGuid

Sections

.MPRESS1
Size: 249KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE