eec5ca81e129fce86bb9623d2abefa7e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eec5ca81e129fce86bb9623d2abefa7e_JaffaCakes118
Size

56KB
MD5

eec5ca81e129fce86bb9623d2abefa7e
SHA1

1d4bdf9fb9859b8bc32cdbae42722e38226fdf98
SHA256

d79ce18cbc4e2730d0498f47f6765686e6f8277b0a81af02c7f4efb1b407a0a0
SHA512

1527959a63a2a1aae35c865ac2ed578e70250c30323b91cabaf0227fed9dce61162f81b4538b8044071bc170042d78a60d94bec6313f6cfbcddab1cdf3d95f4a
SSDEEP

1536:O5anRFqO9smuAxbHbnRVX8NmN7CqijJVgKWdp4D+2GrY:O5anRFqFzAJrnN7Cqqps4KY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eec5ca81e129fce86bb9623d2abefa7e_JaffaCakes118

Files

eec5ca81e129fce86bb9623d2abefa7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6ef982648a1996efed0ab816dfdb6a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
GetProcAddress
GetCommandLineA
GetConsoleMode
GetModuleHandleA
InvalidateConsoleDIBits
VirtualProtect
VirtualQuery
VirtualAlloc
WriteProcessMemory
VirtualFree

iphlpapi

GetAdaptersInfo

ws2_32

select

advapi32

RegSetValueExA

ole32

CoCreateInstance

oleaut32

SysStringLen

Sections

.code
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE