99d57ba87dea36e1b44f5e8db35d3bbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99d57ba87dea36e1b44f5e8db35d3bbb_JaffaCakes118
Size

27KB
MD5

99d57ba87dea36e1b44f5e8db35d3bbb
SHA1

ede0915081fd5a3828e5c49663495673f998b0e8
SHA256

8fc2c03dde1d8a990fc5c0a6a8935b7968c351cf23c11c76709887897b5a61fd
SHA512

9a6f3035e75d106ea45e542894e47a8be124ae37aad7efe3a5acb98897602f592412806900a93bd14fd52c49de8b33c1faccb9b9907f6c1a071d6a06b11e208d
SSDEEP

384:002xoIZxhL0REuW2h9ilSZsHcrlfOhN5nd49bKA6yZ2BK0bQL5MfJeEkmQ7vvxlL:qoIZxhLApESZsHHZd4l6fI0agXQ7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99d57ba87dea36e1b44f5e8db35d3bbb_JaffaCakes118

Files

99d57ba87dea36e1b44f5e8db35d3bbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd5d8563c8a419956ee328f8e9b684e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

cygwin1

exit

cygz

crc32

Sections

.MPRESS1
Size: 23KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE