dd1376ef70d19a0eb4b096aa6eb248ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd1376ef70d19a0eb4b096aa6eb248ef_JaffaCakes118
Size

101KB
MD5

dd1376ef70d19a0eb4b096aa6eb248ef
SHA1

8194459b48a8d7327f0efe8b1fe6099dbdfe5e9c
SHA256

7fe1ed11464e93c4a5305f8f855c78b5a5f70666326ff4010987c710081568dd
SHA512

2a361b4c27bdf76fdd47a1a58d375832428ed62a778a1d0ffe168ef9404b5b7e4b4d1e2f75bdcdf4edddabd83336caf90cb4f0ddf7a186463cba560af4129c58
SSDEEP

1536:OZ80v8KktkXvJFNcvuu1U3Ln2Qct1WgPPmxTRoU9OUMnPksTfLL:O203kc6uj3LniXHotlsUMcsbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd1376ef70d19a0eb4b096aa6eb248ef_JaffaCakes118

Files

dd1376ef70d19a0eb4b096aa6eb248ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efc8eefb34de66345d130bda277fdd80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ssleay32

ord122

libeay32

ord2985

wsock32

gethostbyname

msvcrt

_iob

Exports

Exports

OPENSSL_Applink

Sections

.MPRESS1
Size: 97KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE