a6112d31144424af988d1d1c5dd43ee2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6112d31144424af988d1d1c5dd43ee2_JaffaCakes118
Size

317KB
MD5

a6112d31144424af988d1d1c5dd43ee2
SHA1

a2d8fd41eb9df87dcf987e2e0138da7b0ee53752
SHA256

151353c00a1d166f62abd06cb50887480e490dde29d521a2306fc48105734e3a
SHA512

1882eb470a5d4a33cef80aa531405ea8a8247a69dc11558255b0d160c2d163cce52161b1c28431a46c04603680f078308b17a4a430b0ddf550791aad248d3a94
SSDEEP

6144:aGbF4tyt+Fc6FZASPZQn97BhCRCkaoVzmkWJZozHlfVBxd8:CtpDZAie97BhC2qzmTZozHlfVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6112d31144424af988d1d1c5dd43ee2_JaffaCakes118

Files

a6112d31144424af988d1d1c5dd43ee2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c522be50e9407f36f81523dc2482e942

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
LoadLibraryA
GetProcAddress

Exports

Exports

byxgdrzglyrxryf
drwkbawtfkqh
vxhlfkqwtodw

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ