a53e9b160cc9c74f1f17351f49868482_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a53e9b160cc9c74f1f17351f49868482_JaffaCakes118
Size

542KB
MD5

a53e9b160cc9c74f1f17351f49868482
SHA1

e26d9259ce000d033bb26f0a92b3578a3293ca2b
SHA256

e22eba12302a3ae4b4cf44189017eba7389603b6eae4d4abae04a12066e73eb5
SHA512

16321db424e1309e1fbda362e9ae2a2e82847c22b224b2a6f0baf7ab5f4370173cc93b550e0782291fa35f5b2682c1ab44886b96e246c7a2bf18bd3273490f99
SSDEEP

6144:aXbEDXW8jOD/gSJgqn6/lkw3RROxNjfOBMxb:auW77gSJQWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a53e9b160cc9c74f1f17351f49868482_JaffaCakes118

Files

a53e9b160cc9c74f1f17351f49868482_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 11KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 529KB - Virtual size: 529KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE