23649132ec4197f4aa95fe0fe4c442dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23649132ec4197f4aa95fe0fe4c442dc_JaffaCakes118
Size

37KB
MD5

23649132ec4197f4aa95fe0fe4c442dc
SHA1

b38aca9d68be7996d0cfea9db560bd5ecbf1ae99
SHA256

4315656146d3f6621cadc36ad37d643cea2fae13b457de7ceb1da778074a3925
SHA512

c989759cc626b24108e962001e0892bd9db532be69f85aa68c3233241a1b1dc2d9ae08432a43f2b86deb463c78b842910cb2eaddc7dbf2b40d34c49a42ec81fb
SSDEEP

768:pMMqU98q8kPjSE2uMSSkl4T7UfDeZzh9XG9v:pMMqUqojSE2qSE4T7U6Z1xQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23649132ec4197f4aa95fe0fe4c442dc_JaffaCakes118

Files

23649132ec4197f4aa95fe0fe4c442dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6f8a930f5bfca0d41e4fa4c5a17e7b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfoExW
GetLastError

gdi32

RestoreDC

Sections

.text
Size: 23KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lzvfbhl
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE