db6edbcbc2d0993e512e757250e41e3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db6edbcbc2d0993e512e757250e41e3b_JaffaCakes118
Size

36KB
MD5

db6edbcbc2d0993e512e757250e41e3b
SHA1

f25d5898ea2d4e8a52bb6d584cf65fb21725e1a6
SHA256

9f40c32b30fcf8293d4cb0d6ec7e3732e6b52f688b6b15578b3c7d6b0bedc4b1
SHA512

cbd6f713095826645351a4ace262b9d2f33131e1503c2216221c0dc572b5d2ec10428a38d08050d25ce4bc36fa104389c0341af26a02b2342358aa63fec81222
SSDEEP

768:8NeEHKiZ2T6rl8UDxSjod2YeWVXjN0/POvPe0wkz1FgecweRM5LMDB:8Ne6Xe6rl8Ucj22YeWR6OvPXwn5wiMW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db6edbcbc2d0993e512e757250e41e3b_JaffaCakes118

Files

db6edbcbc2d0993e512e757250e41e3b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

694a1e439a8ff55829822ee974fcc934

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpLogicalW
PathStripToRootW
StrCmpNIA

kernel32

lstrlenW
GetModuleHandleW
GetSystemDirectoryA

Exports

Exports

?CoolerOptions@[SXH_KK]V
?GetImpersunt@[SXH_KK]V

Sections

.code
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xsys
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ