5bcfbd11254931b11a07ef8c2b0157f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bcfbd11254931b11a07ef8c2b0157f5_JaffaCakes118
Size

223KB
MD5

5bcfbd11254931b11a07ef8c2b0157f5
SHA1

420eebed4de228114fc3de6aa75e20aa3821b694
SHA256

014850a6867d3f4d8aa0d5ddd4fa7894273e38fb79c89cb09fd6a10ff9b29381
SHA512

f5cc4325f17038d3839145e3a4553fa2e72dbe5e73035c31ae99c6714449254af5f06ba047850a034a79d23d03fdc1e20414aa0e756c192975bc86bfb888135e
SSDEEP

3072:iR68t4owe3IB6bqAxhI2mR/838ybLxiXIc0TQ3Q1kPJMM9aPVaCgdYF5FEhMj6BX:hI4mtm9bwxyIP52yNoCgQPECea+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bcfbd11254931b11a07ef8c2b0157f5_JaffaCakes118

Files

5bcfbd11254931b11a07ef8c2b0157f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63bdc560787fb0932fe693d321661b8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvbvm60

ord690

Sections

.MPRESS1
Size: 178KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 841B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE