966351a494c87c8f06acf43a42d87912_JaffaCakes118 | Triage

Sharing

General

Target

966351a494c87c8f06acf43a42d87912_JaffaCakes118
Size

381KB
MD5

966351a494c87c8f06acf43a42d87912
SHA1

7032925b995caf83922bf583429c1aa5d7c2d88d
SHA256

86ed5059ee5bd1522851f78032db7104492be95ee3725c93b0a3df47870c3206
SHA512

2b8edf6084ede20b9bf72d5d9d16778d6df54f0894205b36d96157418c414483d37c6e34cd6c273374c5d01eee03955a7bd2685ea2cc5a96579acecf1939e36f
SSDEEP

6144:1wCKdufH+P4J3UOyv2RuPGweWOp1iwSbn0RhFuHO+kFsb/oZqVYv:1EufH73mMp1iVTMFgOHFsb/6EYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966351a494c87c8f06acf43a42d87912_JaffaCakes118

Files

966351a494c87c8f06acf43a42d87912_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

vmicsvc.pdb

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rol
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE