00d00edf4c2f0e8e52906fbd2eff3af5_JaffaCakes118 | Triage

Sharing

General

Target

00d00edf4c2f0e8e52906fbd2eff3af5_JaffaCakes118
Size

741KB
MD5

00d00edf4c2f0e8e52906fbd2eff3af5
SHA1

605ba9366d280cf54e0013a37ec92ca714457448
SHA256

944bca4e462fdf74f12e5d3113f3e19e322d103a97bd98d9bd1ca59a84043aa5
SHA512

3bd860366e98adcfca3cce800aefae85fd9904d564c9cd82883266ca8bfc903784d6a358ca19a2757506864fc32342b786ba4b0356f320f68c33a4d7d2a7a822
SSDEEP

12288:DbtP2mQr/E5yw3AIrVUZJBm+MG7wE27DsWng01rb:9P2Cyw3AquZrpMG7wzMWg01n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d00edf4c2f0e8e52906fbd2eff3af5_JaffaCakes118

Files

00d00edf4c2f0e8e52906fbd2eff3af5_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wlcsdk.pdb

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE