9dfff6271da4ad960dccd298e7e7c74a_JaffaCakes118 | Triage

Sharing

General

Target

9dfff6271da4ad960dccd298e7e7c74a_JaffaCakes118
Size

339KB
MD5

9dfff6271da4ad960dccd298e7e7c74a
SHA1

5fe3bd088cd3239859f71368d428430fc249983c
SHA256

751d687d8d853b50b8e96e7b6ac2e1c6e91dc5673e0a659dcd59234274f6ada9
SHA512

9410eb0af9d1eb458fc9863869773e3e2728b4167f020e813340cd0d7447e070545c76ea56fb87f98376dc79acb5b8f1f641651b1ba3ebbc687a72e685a61d44
SSDEEP

1536:CzREv34XDiftONKKnTgfA7f2YbXurcxAo8cKF/LHWt/+DKP8pKOtsQR:CzC34ItqHTGBYbXurcxA84/LvtJR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dfff6271da4ad960dccd298e7e7c74a_JaffaCakes118

Files

9dfff6271da4ad960dccd298e7e7c74a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 36KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE