59fb6968806dcaab8ed0a53091aeb297_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59fb6968806dcaab8ed0a53091aeb297_JaffaCakes118
Size

108KB
MD5

59fb6968806dcaab8ed0a53091aeb297
SHA1

91134275dcb8e96979138db3d275c2f4993b803b
SHA256

4d5e5f17c1ae1ba36346f31e82b4fc43b1816ef4d47f36c2ab50772f81e597e3
SHA512

614a9895ead2ee88b9681609f9680b08f11ef09254ac56754fb254207b5ab6b3a80469cf419a44f251a0a90b94de5a599b93f458ea7d12ea46d38922d7b972cc
SSDEEP

3072:vkEYJNZJViB3dLDR6tb0JieJVFARWOl589:v4JNLMib0JFnazA9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59fb6968806dcaab8ed0a53091aeb297_JaffaCakes118

Files

59fb6968806dcaab8ed0a53091aeb297_JaffaCakes118
.exe windows:5 windows x86 arch:x86

879783f1ab0000e6d6746cde2751f5df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
SleepEx

Sections

.text
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cpdjlpy
Size: 78KB - Virtual size: 84KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE