d0ed41d27dedf3a31cfbce14a135990b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ed41d27dedf3a31cfbce14a135990b_JaffaCakes118
Size

295KB
MD5

d0ed41d27dedf3a31cfbce14a135990b
SHA1

2a53ffae6ffca05583e9da27ff49a72f516be7d1
SHA256

155b90448985386029ac8211b5ef370fb2a89304aee68b02fd573b8f2044ff38
SHA512

b8d4843948ce2a0097a774fa5830cd36bcf263ab5f8bee5e7f0155214144d5eeff9d2a5ec5a3e63e62e1e287c43876af1c3eeba4f923cef4b1335b464288de18
SSDEEP

6144:GU6lDRGMwKh4vC612L0a092K4aP099XFf0AfVte8g5eSEjwtc:GUQ9GPhZ8hO2Da89N+A9t9g5eSEjwC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ed41d27dedf3a31cfbce14a135990b_JaffaCakes118

Files

d0ed41d27dedf3a31cfbce14a135990b_JaffaCakes118
.exe .ps1 windows:5 windows x86 arch:x86 polyglot

7bcb4be8a284e4ec65e8f7af4ff9f3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvbvm60

ord696

Sections

.MPRESS1
Size: 64KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VS
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ