9bd0acd69bcfc315b07305a134d90f94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bd0acd69bcfc315b07305a134d90f94_JaffaCakes118
Size

13KB
MD5

9bd0acd69bcfc315b07305a134d90f94
SHA1

5a8004cbef21210148c5afad76c66cfb6199a2de
SHA256

fbeb82943b68e69b4b21ee54405dbdff30aab742d03ffa544ef33c680fde0c62
SHA512

488502be6a42d5c17e838d69d12402a7b7265b631b8ba21be85daaf0e360cb7504b8b4962dd55d635d176a3ca98d3846ede296fe6b10432d14aa17389059419a
SSDEEP

384:aJhw1An5pAptiN3cTHHh8m0i6r4nBp/KUn8Yp:mw1AnzxN3cTHHh8mi4Bt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bd0acd69bcfc315b07305a134d90f94_JaffaCakes118

Files

9bd0acd69bcfc315b07305a134d90f94_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a4ac8d2f71f214796857f78c8b85750c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcp140d

?flags@ios_base@std@@QBEHXZ

vcruntime140d

memset

ucrtbased

exit

Sections

.MPRESS1
Size: 11KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE