ce629917d1d9523b07953967a29dad89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce629917d1d9523b07953967a29dad89_JaffaCakes118
Size

324KB
MD5

ce629917d1d9523b07953967a29dad89
SHA1

b7cd69e14ee9079297e50e9dc9df6179f0074ea6
SHA256

656fc932971c7122165a8a8f0d2f0a8900b1d0d9d05a23a41f6403268b8ca084
SHA512

419e09274d0fe922ca3ff5f0dd14d2e4ad918fd292e1c5e7b3a822cb00f004cb1970697ecccc1901fd9f98e684fffd721a47925d4aa57d7910da766df3edb9d6
SSDEEP

6144:YmfLgPZmiVa2F2W1XVaHlXRApUzkz2K07ffxsQKbavQtzWVgLIn:BjOZmiVa2FfBiypC9P7ffxzKbeQtzLq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce629917d1d9523b07953967a29dad89_JaffaCakes118

Files

ce629917d1d9523b07953967a29dad89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edfcc58f2478636ef3ebdada71929638

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
DisconnectNamedPipe
GetProcessHeap
GetNamedPipeInfo
WriteFile
CloseHandle

user32

SendMessageA

Sections

TJAsSDtC
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

HonNHjQY
Size: 4KB - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aVbYgISJ
Size: 272KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE