37abe722f659cf2541cacb9d0ed73fc8_JaffaCakes118 | Triage

Sharing

General

Target

37abe722f659cf2541cacb9d0ed73fc8_JaffaCakes118
Size

320KB
MD5

37abe722f659cf2541cacb9d0ed73fc8
SHA1

45415dafbabcf9e170379ca9f54c530274e7330a
SHA256

98d5999be8cf434af0050e7e6377347b97bb75f59c2492a35dac275c24934635
SHA512

073356edb89c300771b3b648a8901dd5e69518ef7f7306d1189f4767589657f1025eb48ceb716e087eb82d45e4ea7619a6a512940e3036d2c3ce3551d7be69d1
SSDEEP

6144:CZa7ptDka2ADNvWrXiBZK6Q6zoP1KKj5hAMzvotguMw:Cw7ktAdWrXifK6RzoF5OgC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37abe722f659cf2541cacb9d0ed73fc8_JaffaCakes118

Files

37abe722f659cf2541cacb9d0ed73fc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f726bd7f1f33fe7f5b219a2a5b49f3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateNamedPipeA
GetProcAddress

Exports

Exports

swxqzxtjel
wdmieyfbmvjzj
xywzfxbwcku

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ