695b00c39b742d94e86369fc0384cb93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

695b00c39b742d94e86369fc0384cb93_JaffaCakes118
Size

663KB
MD5

695b00c39b742d94e86369fc0384cb93
SHA1

1ac742a0f0da6650db599cb26a8436140f181bab
SHA256

779d0b155fbdaaffbe3c88b820aef705425eb3c14030baf52decca4945ab0639
SHA512

7ba85a2d77fe5e877ba424d6899bd4aa5cf3e65ac6c41092ff931319866ed1d974ce4493c6ea29023510a03ddc234d95e667387c6216049bb7a402aeb731b8cb
SSDEEP

12288:DX9vsNg+2jKiGNbwjD6qJFbd4Iejq3vjniBGSXaeIPTlZWFSGjocNOPEKkHgOxq:DNvs2YWDRfbGm3vEGSKeIrrIOPEvgoq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
695b00c39b742d94e86369fc0384cb93_JaffaCakes118

Files

695b00c39b742d94e86369fc0384cb93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63bdc560787fb0932fe693d321661b8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvbvm60

ord690

Sections

.MPRESS1
Size: 656KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE