e256ca3ad345c77fd591ac1f6ffe73f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e256ca3ad345c77fd591ac1f6ffe73f8_JaffaCakes118
Size

63KB
MD5

e256ca3ad345c77fd591ac1f6ffe73f8
SHA1

01122cf9b71b61b5ac02e86b1bec289f5b5e6727
SHA256

0c5a4051af6521e9cc352e672888cb51f3ff10484c9826f8345b3f16fd51caf1
SHA512

bbba70f6b2c99da6f521f8dff42118f964a8a71eec3d312c89e23ea8abb8a675c2a0992e86db882c4de977b0f314a0f3036b25cf222dd3e2bd39ac96c4fcb55f
SSDEEP

1536:cwX5Ds5hxoMNk4CMMXA0re1Js10t/FUyojWpYbun28:NXRsrxoMNNYre1a10vHocY628

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e256ca3ad345c77fd591ac1f6ffe73f8_JaffaCakes118

Files

e256ca3ad345c77fd591ac1f6ffe73f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8648ae082504897a12d6224ca6cf27b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
lstrlenW
Module32First
GetProfileStringW
CreateNamedPipeW
AllocConsole
DosPathToSessionPathA
FindVolumeClose
DnsHostnameToComputerNameA
GetPrivateProfileSectionA
HeapFree

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE