23e00cc153c1b63b9beb6fd5e65db168_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23e00cc153c1b63b9beb6fd5e65db168_JaffaCakes118
Size

1.1MB
MD5

23e00cc153c1b63b9beb6fd5e65db168
SHA1

92bf20f180b5ddcc80827edcc51b9c6ea29fcb04
SHA256

ff80d8b1c19d005fff2d4caa762f66382158186d8d17b1cde6b84193cfdbe31f
SHA512

a1397d5c90ce6361311a10d9fed6ef77417063d047edef176500a267f45ce21ee51faee5e590211131ebf5a247b0be50d36b828aedf31f1e7f53ee852103fea5
SSDEEP

24576:DJVba76kKJdK6JhURKiEgpklozwZb4wyX:DH8xl6JHMklj/a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23e00cc153c1b63b9beb6fd5e65db168_JaffaCakes118

Files

23e00cc153c1b63b9beb6fd5e65db168_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9b58bf633f68540d0375563c21e60b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenThread
CloseHandle
GetHandleInformation
CreateFileA
VirtualFree
ConnectNamedPipe
WriteFile
GetCurrentThreadId
ExitProcess
ReadFile
VirtualAlloc

Sections

.text
Size: 1018KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ