5a98964c7c8ecea6fa4ad12e29994a6b_JaffaCakes118 | Triage

Sharing

General

Target

5a98964c7c8ecea6fa4ad12e29994a6b_JaffaCakes118
Size

1.7MB
MD5

5a98964c7c8ecea6fa4ad12e29994a6b
SHA1

00bc8269b336e15a16bcf72a5aaed8ff36e4a32c
SHA256

087f0dcb38f58ea078c5c623514f3e5cf292a2a0fcba2a0c1cc712413cdc2124
SHA512

d678dc6d0ab72e14229a038f69c86675a7cc4e41812fea57663622ef9f0bea28d84e2f96ddbaa0694da81fffb9afbfc36b10a67bc21f666280e97eb78f2b0300
SSDEEP

49152:gc9Rr6hEA32cCDAvdf4lwv0hfJdOvIczu+N:gcuhETcCqdf4lwvSOXqy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a98964c7c8ecea6fa4ad12e29994a6b_JaffaCakes118

Files

5a98964c7c8ecea6fa4ad12e29994a6b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f726bd7f1f33fe7f5b219a2a5b49f3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CreateNamedPipeA
GetProcAddress

Exports

Exports

jskhwejtfbp
nkopsbnuq
ztmtoernkljlvbg

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ