ad12cea0eaa276839a72d2cae107f126_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad12cea0eaa276839a72d2cae107f126_JaffaCakes118
Size

674KB
MD5

ad12cea0eaa276839a72d2cae107f126
SHA1

0f0099a704149ea3ab5c5e6f13da9b099f06ebdc
SHA256

d6fa5621f5c7bb8c92a08336c77371fe94523c48bc414f4fe9c32eb7edbd1b9a
SHA512

186d822d957daaeaf02e0daa4decc7b8b8708373dd4d0f7a786bbca19a51c004c190a64c38d59c8d724f10f455de9883f9ba3962f21b70ea418ef7ea2eb53b32
SSDEEP

12288:9C4u09Z7QDfbzZINM03MRLB9J1ZgjyR8E2SbjqG:9x5Z7QDbzV03kFUyR5tjqG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad12cea0eaa276839a72d2cae107f126_JaffaCakes118

Files

ad12cea0eaa276839a72d2cae107f126_JaffaCakes118
.exe windows:5 windows x86 arch:x86

71fc1c884a701217b9bbaa4ba78b8457

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version advapi32

GetFileVersionInfoA �

Sections

.text
Size: 113KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 538KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ