631a885ec946d053898995473d167c65_JaffaCakes118 | Triage

Sharing

General

Target

631a885ec946d053898995473d167c65_JaffaCakes118
Size

76KB
MD5

631a885ec946d053898995473d167c65
SHA1

1095fe555c923f704f26ad230ef47b78bdf0069d
SHA256

a7958ff408bd0595afb223af996a37bd5746e71f16f7d4891863b92680b7c231
SHA512

f34e4765c2d0aee593c77dae9c942625e9b00b303cac2a8d73c9113d026f9c89c0729876e8df15f6d867b650c1c6790d718d9892a7743bee66e5acbf959a66bd
SSDEEP

1536:MtbF2XPQobZrMEcXLilRcr9jFPIgbFJ1vxyB0BepjVrs2ryrd1vUQuq6:MtYXlbZg97AIh5Tb7Nu0BeHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
631a885ec946d053898995473d167c65_JaffaCakes118

Files

631a885ec946d053898995473d167c65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4488352f7da1bb8215ff26452b9d6ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
_lread
GetCurrentProcess
QueryPerformanceFrequency
GetSystemDefaultLCID
SetCommConfig
GetFirmwareEnvironmentVariableW
CreateWaitableTimerA
CreateNamedPipeA
lstrcpyW
GetConsoleScreenBufferInfo

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE