72f6b6c20c12503bfd7b8c9d25ca0df2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72f6b6c20c12503bfd7b8c9d25ca0df2_JaffaCakes118
Size

40KB
MD5

72f6b6c20c12503bfd7b8c9d25ca0df2
SHA1

690b6f05a1dd7eb4114e7e9f792a87b9d8b58c14
SHA256

304efa48ea9511719e3703aba2cc881af4f64bf45bc2f96a23545468bd66c53b
SHA512

95ebc794c35b2fba0f950b8f954e345ec4602966b1a84713b24072ef11088508a8722632f2560ea985feeb510cea8a552099a7477f8041e64973e82d317aadbb
SSDEEP

768:FQNp2PS60XqgJSqqN3fxkf6RaFIBJt0t7L:FQhvqTNJkCRaiBJt0t7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f6b6c20c12503bfd7b8c9d25ca0df2_JaffaCakes118

Files

72f6b6c20c12503bfd7b8c9d25ca0df2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4cfe8bbfb0ca5b84bbad08b043ea0c87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WTSGetActiveConsoleSessionId

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ