a6ea8b92a4c93575b14d14a4ea696617_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6ea8b92a4c93575b14d14a4ea696617_JaffaCakes118
Size

99KB
MD5

a6ea8b92a4c93575b14d14a4ea696617
SHA1

5519e488a4bd4fe479316c7864efa134f7836928
SHA256

3839f8dc8772a74c849a7d51072cec9b91feb47adb1306565c97e9512f168769
SHA512

157bd9a1d8b6727013f904e89603e91e5d196bc49a59501e2a0122f3335f92b4d30e3812d824d1a45110dc899916eae8c04f4f992b9f1e75be6c81344e95431d
SSDEEP

1536:t1QCsps/wLGbogjtEuQFBVCl86l2o7XHFN5cfjoK+1MS0rb06WoSrvlyfm:tL3wyboLeX2oTVcG6Wcfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6ea8b92a4c93575b14d14a4ea696617_JaffaCakes118

Files

a6ea8b92a4c93575b14d14a4ea696617_JaffaCakes118
.exe windows:5 windows x86 arch:x86

83e3b439791a5c3dcc067bdcd579bd2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

setupapi

SetupDiGetClassDevsW

user32

CharNextW

advapi32

CopySid

ole32

CoInitialize

oleaut32

RegisterTypeLi

Sections

.MPRESS1
Size: 91KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE