656d150aee595635913c25e5c4cbfa9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

656d150aee595635913c25e5c4cbfa9c_JaffaCakes118
Size

83KB
MD5

656d150aee595635913c25e5c4cbfa9c
SHA1

c01cbbad918c88e1920b6c138ee68ba84e768d73
SHA256

f972e8b0461ee193eb0370abbb3e2e220a7755054cff238f76fc0f3f57e7408f
SHA512

c7abf6dcd91c082756059efa58292bdccae6d583c3051604d3c91a15fce047b2094cc035d0c8120aa981346ccda78ca8747c9908a972d1c4dfc1f622aae62476
SSDEEP

1536:Pd5hbcNaTlf3WU1n/LPgNJGhTIlBbsyubodCx/5vJ2olc8mlMx:PdHc8TRWU1n/UeaJxubLxtJ2emW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
656d150aee595635913c25e5c4cbfa9c_JaffaCakes118

Files

656d150aee595635913c25e5c4cbfa9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 79KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE