2dec612014dbd1cffe9fdf73de43db7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dec612014dbd1cffe9fdf73de43db7b_JaffaCakes118
Size

16KB
MD5

2dec612014dbd1cffe9fdf73de43db7b
SHA1

d65a3223881ed54042d679eb1654fa11aab22cfc
SHA256

c549d3c79482503ae7f2cd6934e280d210cc4bbe12537cc1229bc24e10fc9529
SHA512

a310a78dacc04b7d9485f6a298bafaeea069505aceba0ae4cb6dbeaee4a330196053a16c04c1f1399937255fbe92857016a2853685d79a9ce37007da44f6ccab
SSDEEP

384:0IUEAO6k8+OOOQuZ2iMq5OTYFvjyVaOa4M1o8nKDKKKKKKKKKcqchJ3KoWKiKKL4:0IkeYFQxIo88qchx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dec612014dbd1cffe9fdf73de43db7b_JaffaCakes118

Files

2dec612014dbd1cffe9fdf73de43db7b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

088069496efb4919b9339ff7ba692c96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Test Morph\Release\Test Morph.pdb

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
TerminateProcess

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ