8ed66e600d9b3e8e21ad15b166a07195_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ed66e600d9b3e8e21ad15b166a07195_JaffaCakes118
Size

246KB
MD5

8ed66e600d9b3e8e21ad15b166a07195
SHA1

95f8b09b152137fe1cd6b85e2e6ba4dfaf2701d8
SHA256

9581900de8bb1954b9cac286201ee6ab0d317f798ccbbe2fa9f5fb57c2c6b2cd
SHA512

480746cdd8db3d44cb704ec48380ef751de6e44f001052ca9d225d1ddf5138e68e22d2c6da6eb1744223051efb50a6e8bd064f3324a0ac596c2e9fba42a6d925
SSDEEP

6144:BQY+Rude6a2oIAmAFXrHEXmq+zb0iOGLzs550zjAwanV:SRT6sIJIH89kbyffbwU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ed66e600d9b3e8e21ad15b166a07195_JaffaCakes118

Files

8ed66e600d9b3e8e21ad15b166a07195_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d1100acada26663cb015be9188697f19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
GetTickCount
CloseHandle
LocalFree
VirtualAlloc
GetStdHandle
GetStartupInfoW

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ