ac51c08d61b094c98a717c3a546ce9bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac51c08d61b094c98a717c3a546ce9bf_JaffaCakes118
Size

53KB
MD5

ac51c08d61b094c98a717c3a546ce9bf
SHA1

696c7b4e06248a760de8d50b359f109ab85b70cc
SHA256

f424c7d540a24ef8ed81b05981614a505599b59353339330aeb97639e4848539
SHA512

36d591d1f2d47d6058eb11fcf8146e5453d67b00cf94b1b09fa1a51b13c55f4248199eb2f92073e0c023e79660204f8a103d3affa9ab2b4e5d401b05cc27027b
SSDEEP

768:qfixyLnTISMBKoLpEDXmiGgWf71GwAwkWQfd4FP82sOI3LbOfAzYxPhZ:qfiwALvtf71hrxqOhPZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac51c08d61b094c98a717c3a546ce9bf_JaffaCakes118

Files

ac51c08d61b094c98a717c3a546ce9bf_JaffaCakes118
.exe windows:6 windows x86 arch:x86

69f09a3c1987ba0135a013f095ada94e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

mfc42u

ord3131

msvcrt

exit

ole32

CoTaskMemFree

Sections

.MPRESS1
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 939B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE