a1d71f4bf3761fa81977dcde386f690f_JaffaCakes118 | Triage

Sharing

General

Target

a1d71f4bf3761fa81977dcde386f690f_JaffaCakes118
Size

72KB
MD5

a1d71f4bf3761fa81977dcde386f690f
SHA1

cc3b55763fcb2b4851595899a94247b2ef8b7ef7
SHA256

fc44a093bfec25b703417963003a3a66d52cc9bd1c429ab32edd7a79afc7f215
SHA512

c5d8df812412b05e8cc222aa27ce2ed4fa0ea739dc99f0244823abb6f5f66bee669cef30ba3e74c1e429d13a41165080378f97f8a0deff93689752a8fd9cbbd0
SSDEEP

1536:dpU2Z5qeOYYkRpgftBH4PK+4ehO6nOiJIAEHf:dFYpkR+ftBHSKwh1OiJcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d71f4bf3761fa81977dcde386f690f_JaffaCakes118

Files

a1d71f4bf3761fa81977dcde386f690f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

783849e09dad24d656075a422aa027ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
CreateNamedPipeA
GetProcAddress

Exports

Exports

ldtssipujo
nntxabfhowssdbn
xflfavbcnse

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ