3981a86ce7b348c23b5c2952c4913609_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3981a86ce7b348c23b5c2952c4913609_JaffaCakes118
Size

30KB
MD5

3981a86ce7b348c23b5c2952c4913609
SHA1

ad167d38ac311db4077eeb902bf9191f596d6bca
SHA256

cdd66ea13c7f7080f35203d0868df359b61abf9e502b5392c0b962bfbd85a1fe
SHA512

34b69ffb49b1672ea0f8d8a06cbfe3953fbbee570e20335c31e4a2ca1bbf9424162e5c1066d9f83421f5e674516dd0a0186e8ca0f32ca832ddda4c8049fda0ad
SSDEEP

768:FMFs5Ne9euIheundeud9Uguc6tnb6XZJtcE:e4ma6ZbGcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3981a86ce7b348c23b5c2952c4913609_JaffaCakes118

Files

3981a86ce7b348c23b5c2952c4913609_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc4655b80caabb6021613342b08b3a14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvbvm60

ord598

Sections

.MPRESS1
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 512B - Virtual size: 495B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE