d3ef809e85ffe75c6679165cd2c1303c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3ef809e85ffe75c6679165cd2c1303c_JaffaCakes118
Size

95KB
MD5

d3ef809e85ffe75c6679165cd2c1303c
SHA1

ecbeb9d6c76c5cc2617f3e2f0975b96a9d598132
SHA256

1677265749d13153520ca46067f43c04d1418a976d853d3a4f8af49643864e4f
SHA512

aa43782f0c08a25753013bda45d83b35ce71cf1be2a842c82d20c43657bc83273a3cd452595a68a313d460aef6bd11837b13db63b66ca9e8e7aba6c9f0f9ff53
SSDEEP

1536:Y+kk1iqdZW0UzRykGm2Co59Le8Ifp3pcfHJ6P50rd8svYsn9J7WG9J2Z7t:Jkk8Os0Ut239q8N/J6M9YsKG9J2Zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ef809e85ffe75c6679165cd2c1303c_JaffaCakes118

Files

d3ef809e85ffe75c6679165cd2c1303c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

d56a5ec3c955102d408741636c362886

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

OpenServiceW

Sections

.MPRESS1
Size: 89KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE