c0db4e0e1e9092b05b46305d81ff7d73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0db4e0e1e9092b05b46305d81ff7d73_JaffaCakes118
Size

72KB
MD5

c0db4e0e1e9092b05b46305d81ff7d73
SHA1

d0af2dab7a94ec9cb70d8002279295d410154f4e
SHA256

87d62b40055467c60ef08d8f5fe209de8eee0f2d80f292da9d775944335f9bed
SHA512

af1dbe6f2cd165494cf45b41c74ecbe43458040d302424a99529a363fb3ae75e184f63179ad48a634c205beab042d222bb40eb3aea6507f5ce5680f0b771fe59
SSDEEP

1536://aawGqCUA8V9jI9whM21YpGV34FjMJifQgeILc968aLZiXZhSS:6GHUVhIO71YgcMsQuLc9pYS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0db4e0e1e9092b05b46305d81ff7d73_JaffaCakes118

Files

c0db4e0e1e9092b05b46305d81ff7d73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fb94954977c34d8bad8ff230f4ec17bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

ShowWindow

Sections

.MPRESS1
Size: 68KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE