b6fddf017e71a1fd6db34de1614597d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6fddf017e71a1fd6db34de1614597d1_JaffaCakes118
Size

256KB
MD5

b6fddf017e71a1fd6db34de1614597d1
SHA1

2f6772c5103a1b75b368e35f59403a64af61ca57
SHA256

50b3195e46c818841de05f0280ca6a46543ec2627474ad9b8286541aa458c994
SHA512

831dee722a8793468b3e1ebabf8b13f467c4617d2956405b9bda7c0d53d31e098d00077a5540a56996f24d85a2295a99ec0784f2413ced6ada6e3c562837e65c
SSDEEP

3072:sbcUe1w0xMHTPAfE/ynFt5zM3R2v9VICDI5Ku/5iOodJpWW9z58Wnye2d:113g4fmynP5Ihv594Ood6W9d8Wnx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6fddf017e71a1fd6db34de1614597d1_JaffaCakes118

Files

b6fddf017e71a1fd6db34de1614597d1_JaffaCakes118
.exe windows:6 windows x86 arch:x86

72238bcea86fc1ca5a900489c729ed57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

advapi32

RegCloseKey

shell32

ShellExecuteW

wininet

InternetOpenW

Sections

.MPRESS1
Size: 185KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE