e9d51a17dedecd6c147c8f76c647d924_JaffaCakes118 | Triage

Sharing

General

Target

e9d51a17dedecd6c147c8f76c647d924_JaffaCakes118
Size

318KB
MD5

e9d51a17dedecd6c147c8f76c647d924
SHA1

12e66e91565170ccf34a12f23b71cfb106725d11
SHA256

8e5b71716b7864c89638c623253fddefd1a6e9bbf422cfb164de1cb7d508678c
SHA512

291048113ebcda03d81e372d2f1ecc592675a7a87e966979f3c04cc7fed2c86bc682c4a75399f36fe835d78bd9c9627a04410aea02ea724cc621281c37b0bec2
SSDEEP

6144:m0YT8pz4Xzi7BapCK5d3klRzULOnWyjLsPhAQzOs+:/M8F4Xzi4pdd3klnnWosPhnzO3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9d51a17dedecd6c147c8f76c647d924_JaffaCakes118

Files

e9d51a17dedecd6c147c8f76c647d924_JaffaCakes118
.exe windows:6 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 21KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE