61694a0cf3678fc5e861e88715b3d518_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61694a0cf3678fc5e861e88715b3d518_JaffaCakes118
Size

56KB
MD5

61694a0cf3678fc5e861e88715b3d518
SHA1

a58fb0b9cba9892555db4cea62b9ba7ab1d481c0
SHA256

10a114ddfbd4c92f7a3002a2d4c480b7cf2159eddae86791fab9726b9d9d7f61
SHA512

70ea4085020ee85a80e114358ed3d80c5a7fb706c5d23f207dcb34ab4f35164133633ada91dfee82bc0bea0c307865dce67a5fd53c8460ea12bd29d4e5aeee94
SSDEEP

1536:S9otokUzcwOWlWbsU+HC8DLZRxiyCKMFk2FOxY2VPherUo8:S9otok65osUwvDLJn2FCVVp6Uz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61694a0cf3678fc5e861e88715b3d518_JaffaCakes118

Files

61694a0cf3678fc5e861e88715b3d518_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7306f80976c57687477e5e0c0e5fd873

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenDataFile
Heap32ListFirst
CreateProcessA
SetHandleContext
CreateNamedPipeW
Thread32First
ContinueDebugEvent
LocalFree
GlobalWire
WriteConsoleW
SwitchToThread
IsDebuggerPresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE