033adfe95008bd7a1ff0f06367c7d778_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

033adfe95008bd7a1ff0f06367c7d778_JaffaCakes118
Size

83KB
MD5

033adfe95008bd7a1ff0f06367c7d778
SHA1

77aa0b47bd4baf6d8a3f4c246f34c5a795092127
SHA256

fc1ad592647af065ce0c635a3d53ef6b0b9ce9b04bdb97bde543ade10414b9a0
SHA512

b362cb9d23e8170cb7615ed1f76c6eac60f2d4f3579ce0a2b6b990efb4850cddc83e66f396469a7bebf38bdc32b0eb8d1f85c6efcec9b038f57d749dc13be9b0
SSDEEP

1536:v8V3BBFlRbWOugr34nE2Q/LSHnVJDNoxUXkt3oOrcpjVrs2ryrd1vUQuqkO9hDFp:qlRbWOhr3jmnPWTKOrcHs2qRp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033adfe95008bd7a1ff0f06367c7d778_JaffaCakes118

Files

033adfe95008bd7a1ff0f06367c7d778_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2ae60ce77a089528fad6d8b8cd28437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
SetCommState
GetLocaleInfoA
GlobalAlloc
GetCompressedFileSizeW
GetQueuedCompletionStatus
LZSeek
SetFileAttributesA
BaseInitAppcompatCache
FindAtomA
CreateToolhelp32Snapshot

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE