8b95b10c09031346e1ed093c7d3b5412_JaffaCakes118 | Triage

Sharing

General

Target

8b95b10c09031346e1ed093c7d3b5412_JaffaCakes118
Size

14KB
MD5

8b95b10c09031346e1ed093c7d3b5412
SHA1

b25a26083900b558d942d00b07336dc72ea767fd
SHA256

ccb2324c1bb9a748903519f180846e85d57ce98af126bdfbb01226344b929463
SHA512

22c913cb9270e24c03c810787066c5a7c392ea54ccc838aab7ec7a13696d56272725f1921bcb70c64e264d6f68a4cc7e12216fd698e423949d77fd9e4556cc3a
SSDEEP

192:hRoHddojkkguehqSU1CVdp4cmMCUVJ+DzAI5cncMFVqIMVRsitmO6:odOjpgfUMac9CUVoDzcXFo3/sc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b95b10c09031346e1ed093c7d3b5412_JaffaCakes118

Files

8b95b10c09031346e1ed093c7d3b5412_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c23c257ad93f633bd80ed4945fb6dc45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
LockResource
LoadResource
FindResourceA
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ