c122ea98698cdbe2042fe9eeffceaf18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c122ea98698cdbe2042fe9eeffceaf18_JaffaCakes118
Size

26KB
MD5

c122ea98698cdbe2042fe9eeffceaf18
SHA1

faa48fd0a1fda1c630bd4b9add22df6f74076cb1
SHA256

2edfc81eea3b32b01417d26a5f0e8eb3b8067a7bca9f20c02288f9436235871a
SHA512

ae6f94058823ce88c40ce02e83b0a40873cd009295d93b011c69b6c901089ee8ca930c4331841c0445735e64afecb33b4da317350014455be3337372627cbe17
SSDEEP

768:kFka5YuMvL189SxlLJnKKD9d+Wt98M0M:kFkaWvREeLJpJd+Wt98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c122ea98698cdbe2042fe9eeffceaf18_JaffaCakes118

Files

c122ea98698cdbe2042fe9eeffceaf18_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0ffcc37eedec36c74779659e3731de4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

powrprof

GetActivePwrScheme

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE