deeb7921edd08f1cd9f1095b3797ad4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deeb7921edd08f1cd9f1095b3797ad4f_JaffaCakes118
Size

133KB
MD5

deeb7921edd08f1cd9f1095b3797ad4f
SHA1

a9fc8541d321cf53560db759d073a33c5a5e3211
SHA256

915cc13b9afe553cd0e391f75c660c16825ac287930d080794db89679b14fa97
SHA512

564ac3f74c76952600308c73da925b796fdebe21e0727697572268acd66bd19cd118865402fab22b3cb9c018a09211424ff800fa3eb1c1329bff307d49534cf3
SSDEEP

3072:OXPnEuogEIr8AvGvB0su+KI6wjcQsm8M0hC5iTP5gZ1:OvEDgEIr/Ovd93jcQJ8qQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deeb7921edd08f1cd9f1095b3797ad4f_JaffaCakes118

Files

deeb7921edd08f1cd9f1095b3797ad4f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e933560675fdff41c0c76f468fb8a551

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCompactPathExW
ord29
StrCmpLogicalW

kernel32

GetModuleHandleW

Exports

Exports

?LongWayCinema@#OWH_KK+M

Sections

.text
Size: 24KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ