d08a3ab3e90ecac6a08d4875b4ec55b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d08a3ab3e90ecac6a08d4875b4ec55b6_JaffaCakes118
Size

54KB
MD5

d08a3ab3e90ecac6a08d4875b4ec55b6
SHA1

ca891a3117eec44b2dbfe9068fdc46739aebce58
SHA256

dc21f950489cfca664b353f7aa0072ec9bd547e94be498a52bef7d3090148494
SHA512

128747f3999850ffa20994069bbe807c1d8cb9753eb40da1286220096ce0ee1b91c2cc24f6b69bfc9841025e461ff670af80bdc9f28759a928cc7089adb702ed
SSDEEP

1536:iRB6xHnYsUsCmw7+BSv9W6/5p6WIATutT7NoeM1K3VgIPoBc:iRoYs/Cn+BSv9W0GVATutldlgrc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d08a3ab3e90ecac6a08d4875b4ec55b6_JaffaCakes118

Files

d08a3ab3e90ecac6a08d4875b4ec55b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7bcc69156ea385c3daf8d8a59d0e92d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

_open

wsock32

bind

Sections

.MPRESS1
Size: 50KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE