ba0524e1f1e00a5f77ff88b8d6156e2c_JaffaCakes118 | Triage

Sharing

General

Target

ba0524e1f1e00a5f77ff88b8d6156e2c_JaffaCakes118
Size

55KB
MD5

ba0524e1f1e00a5f77ff88b8d6156e2c
SHA1

0b770a6071f4ffc6a5a22d955840891e58c34fc0
SHA256

f003ff65d4fd2bd3653d25659802b8d1d70fb414894b9446df82d2f5c787e5ce
SHA512

3d912f5e6639f734b0d6c3a4cd6755186f05a13a09f1c782e3cafb7c6673a748da3557abac793aa441e8cb307db143a8f652549d0f5278c73e676bb769010930
SSDEEP

768:GTq9OZvY74e6R5w8N/FiEzyjF/6J+VTalyQNL2YEtplRFL8F7D:nL6R5w8BFiEOjNFTa8Q2tXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba0524e1f1e00a5f77ff88b8d6156e2c_JaffaCakes118

Files

ba0524e1f1e00a5f77ff88b8d6156e2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d6bc9a78f5d0dd2a34bd0dc7b068ec9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

LineTo

pthreadvce

pthread_exit

ws2_32

__WSAFDIsSet

msvcp100

?_BADOFF@std@@3_JB

msvcr100

exit

Sections

.MPRESS1
Size: 34KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE