f98819ef7885dd7b115cbd9caf087f6e_JaffaCakes118 | Triage

Sharing

General

Target

f98819ef7885dd7b115cbd9caf087f6e_JaffaCakes118
Size

138KB
MD5

f98819ef7885dd7b115cbd9caf087f6e
SHA1

faf21c49d0a5ee1434b93564e3085974698acece
SHA256

b02e7a4d7e7022b229f04767d6ccb7945aaf3f052546d462815df0dc8969c57e
SHA512

0cd39bf632eb77b54939d34e1ac2bda86b48f05a49370ce82363568c1c032ab14ea23fd37c7b2a27d11fc9d1cc324f21c12a9d11a23b0542531125a6d2ce7318
SSDEEP

3072:pCkrtwQqSoV1c1fsFLKlr7M1Uvk+t8zbHzJPKz:pH/qL4sglr7Ma/tQzJyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f98819ef7885dd7b115cbd9caf087f6e_JaffaCakes118

Files

f98819ef7885dd7b115cbd9caf087f6e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d14bf9ec42028cef2cac4fc07df34ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
GetProcAddress
LoadLibraryA
UpdateResourceA

user32

GetAsyncKeyState
TrackPopupMenuEx
SetPropA

gdi32

GetCurrentPositionEx
GetMetaRgn

Exports

Exports

hwrfpwhcfnshwi
plinnhawlwrmyex
zhslfddbh

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ