13f8eab5eef2c40b6c21406d91eab6b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13f8eab5eef2c40b6c21406d91eab6b6_JaffaCakes118
Size

28KB
MD5

13f8eab5eef2c40b6c21406d91eab6b6
SHA1

68c8f540ebcf9f247ce206961198ea3f628744b2
SHA256

b3a96b5b53a5d70bf808ee91d75118f7fbc97d5d6fda9b8d9a7e5e797845b684
SHA512

09877f1ca7539288e0df221d86a1c8fe317eba03245a8b4f6110b8292c5f615db32aeb01c163cdfb71058d7ae4b50e20d9507a2c94ec83e2cf3f67dc875cae28
SSDEEP

384:hEz0e11F1YHgx4x0EgDEoGlZWcLF+5Ul3Oxd+:hSF4RxuDEzZLCU4xd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f8eab5eef2c40b6c21406d91eab6b6_JaffaCakes118

Files

13f8eab5eef2c40b6c21406d91eab6b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebe055329e725840b35216c8caea1473

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpegsys

ord46
ord32
ord38
ord40
ord39
ord41
ord31

kernel32

ord323
ord269
ord731
ord579
ord642
ord497
ord374
ord289
ord429
ord465
ord342
ord137
ord740
ord214
ord686
ord306
ord592
ord704
ord350
ord268
ord321
ord651
ord158
ord729
ord282
ord276
ord361
ord654
ord334
ord397
ord395
ord464
ord463
ord714
ord461
ord713
ord665
ord260

Sections

.tex FMX
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_WRITE