0742ef3ef5e2f41e66afeabe34ff2797_JaffaCakes118 | Triage

Sharing

General

Target

0742ef3ef5e2f41e66afeabe34ff2797_JaffaCakes118
Size

119KB
MD5

0742ef3ef5e2f41e66afeabe34ff2797
SHA1

8292da8173a2b1fd4b5fc7a0d50a3ce85d7c2fd3
SHA256

87e912e727efe85d6af075b1373ef70a12eb01dc9dd1636471e351d77e8adb25
SHA512

54d3b6a4ad4af064247764c2b5479b5cafb6fd85b593e5576a0a917c8734abd1dae31604306161aaf567c9ffbeeaeeb551b7c7b61be1f79934b70b170b1ba119
SSDEEP

3072:/jTUQw3CZuD2roImWlNz9xotq9fsTEXL3:/XNbcImWR9xtVjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0742ef3ef5e2f41e66afeabe34ff2797_JaffaCakes118

Files

0742ef3ef5e2f41e66afeabe34ff2797_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d001f58dd9c54f3dd8b26c9102792351

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsW
IsValidLocale
OpenEventW
ExpandEnvironmentStringsW
CreateNamedPipeW
FindNextVolumeMountPointA
EnumCalendarInfoExA
GetVolumeInformationW
FormatMessageA
FindClose
GetCommState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE