JaffaCakes118_8140e4e66cc07d5bc23e5715d7169598 | Triage

Sharing

General

Target

JaffaCakes118_8140e4e66cc07d5bc23e5715d7169598
Size

35KB
MD5

8140e4e66cc07d5bc23e5715d7169598
SHA1

1941716e89547b68f91f3b101dfb0d4da3776993
SHA256

f21ec8f34cbaef62927c2a6185bf1cdc76be9d7e38769f89f8f05b180a2e3c5c
SHA512

c8f2d79cf37e25b7886f4280f35e0b6f506b234dfaed35ee3c42d7272ca0c7d14f980d0edfadd40066cace9bd982edec5754b7441aa15d0c83148c7ba0b52bc8
SSDEEP

768:lwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647Di:lwbYP4nuEApQK4TQbtY2gA9DX+ytBO4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8140e4e66cc07d5bc23e5715d7169598

Files

JaffaCakes118_8140e4e66cc07d5bc23e5715d7169598
.exe windows:5 windows x86 arch:x86

5b4e734e734027217722fe4eb0093f3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

FreeSid

shell32

ord680

wininet

InternetOpenA

Sections

.MPRESS1
Size: 30KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE