d4baf49b9a2a1fdd1369a3f5286186f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4baf49b9a2a1fdd1369a3f5286186f4_JaffaCakes118
Size

1.1MB
MD5

d4baf49b9a2a1fdd1369a3f5286186f4
SHA1

6d177b629258a996f0c8365034e93cc8b742288f
SHA256

0a4c4a1e2cd8bba1a388f3f44f54265af6a103d5fa79a40d3a364c2a335d4970
SHA512

a3f5919d0315b99af587e8b89c1f45327dc8e5f61b86b3b8586c55685a6a307789814f28ba2ce13e0aaa544b4520bf4ff621b152824709b810dbd4aac6e18d50
SSDEEP

24576:C6kz6YC/rOj4Ph0V7gb/3ZXegK1xWncapjJb3nkKwaHSR+5zF3U:x9J6j4Ph0xA3jnnca9JrnfXF3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4baf49b9a2a1fdd1369a3f5286186f4_JaffaCakes118

Files

d4baf49b9a2a1fdd1369a3f5286186f4_JaffaCakes118
.exe windows:8 windows x86 arch:x86

6a949841a9dba5585aa5f97b198ce7f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetNamedPipeInfo
LoadLibraryA
HeapAlloc
UnmapViewOfFile
MapViewOfFile
ReadFileEx
CreateMutexA
HeapFree
HeapUnlock
HeapDestroy
HeapCreate
ConnectNamedPipe
CreateFileMappingA
CreateNamedPipeA
WriteFile
lstrcpynA
TransactNamedPipe
DeleteCriticalSection
EnterCriticalSection
ExitProcess
HeapValidate
CreateFileA
GetHandleInformation
SetFilePointer
HeapLock
HeapQueryInformation
HeapSetInformation
ReadFile
InitializeCriticalSection
OpenFileMappingA
GetCurrentDirectoryA
lstrcatA
SetFilePointerEx

Sections

.text
Size: 983KB - Virtual size: 983KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrcs
Size: 15KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ