8399425ee668568aa14d6cd5e70d64d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8399425ee668568aa14d6cd5e70d64d8_JaffaCakes118
Size

107KB
MD5

8399425ee668568aa14d6cd5e70d64d8
SHA1

b09e9a780f36d1decb147b062875fb2c17f1986e
SHA256

bb9af415ce087d57f3eb1ddc04ab3864f0f3fa8cfe8fcedc217d031208178ddf
SHA512

eefa4e36b754929bcb50bf19030f1fa670569105185c26d5e4975b5b3cbef685b01972f3332e3fe2888f1c35ea3777f2db3c4690ff62da2fca2b3ac06376e827
SSDEEP

3072:4XX6kjNaxPJ62CPaJKNTGBdlKu3EbOfN:4dGJbCP0ctu3EbqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8399425ee668568aa14d6cd5e70d64d8_JaffaCakes118

Files

8399425ee668568aa14d6cd5e70d64d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bcb4be8a284e4ec65e8f7af4ff9f3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvbvm60

ord696

Sections

.MPRESS1
Size: 72KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE