834bdaad65f7512f9a263ba5a724bc12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

834bdaad65f7512f9a263ba5a724bc12_JaffaCakes118
Size

287KB
MD5

834bdaad65f7512f9a263ba5a724bc12
SHA1

328e67b70e5ec077d4fae6e6d94d07c0fb4ea592
SHA256

955c59034a02492a7adafe9f8881127163e7d784def7595986bdbf1e2f188fa1
SHA512

fb49f055f333043025fc03af68b34137c81c4d19d059d490f072d9ce0939fbf5a7410b1bd3d5827e75af3e8724f48c37772b55fef8dfa5ad8249b358bbbce25c
SSDEEP

6144:9j/s+3AFllr60M+JyuWTPGB+Dp0etuPrloQ+UGiRuL6Ijd:1E+257kxPGup0NoQ+UGiU9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
834bdaad65f7512f9a263ba5a724bc12_JaffaCakes118

Files

834bdaad65f7512f9a263ba5a724bc12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fe06c6bcbc4e092488e709bc8658d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
DisconnectNamedPipe
IsValidLocale
GetThreadLocale
GetUserDefaultLCID
ResetEvent
GetStdHandle
SetFilePointer

user32

SendMessageA

Sections

HGTCrUzI
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

yQQhPVun
Size: 1024B - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AMGpfbpb
Size: 257KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE