8cc227f5baa6841adea539fb5723b495_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8cc227f5baa6841adea539fb5723b495_JaffaCakes118
Size

240KB
MD5

8cc227f5baa6841adea539fb5723b495
SHA1

13f5da6b276ce41457f0bccbf5e5bc0d943f9d41
SHA256

465097368b4fb9348f671f608e6f7895a8030915b7c422be6a1e2e088a86adcb
SHA512

866081fcda71a9e784beb6e51968f13b0c76c3ad2196ae189d79bc09da527e498dad300a5efc13706c4b6b89f87e564d8976fd1a8e7a948565dfd772a8798ee0
SSDEEP

6144:ANMEeb/PgjtVwki1YAPIEm5hpYyjKVnjRdG:OMEeu3HaYAIlY/j2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cc227f5baa6841adea539fb5723b495_JaffaCakes118

Files

8cc227f5baa6841adea539fb5723b495_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wlcrdpsystem.pdb

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE