Static task: static1
Behavioral task: behavioral1
Sample: 0d6f619675ab486e7ca5daa73532a5dd_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 0d6f619675ab486e7ca5daa73532a5dd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0d6f619675ab486e7ca5daa73532a5dd_JaffaCakes118
Size: 31KB
MD5: 0d6f619675ab486e7ca5daa73532a5dd
SHA1: 787ae1924e982994183542341ac28d377ade437a
SHA256: 5447b162b2dad9965fe4b0a6efb7f1f87b5e358eaa627b4bb4b87260adeca221
SHA512: d5756fa0d7560aee7d1c4e73fb57966d7da9bc9bd820d33b0f99051a5e6061df5edc09f3dfcc395796b87a42bd1755781e2d2c1f7b382cf164eb79b3c2ca2eac
SSDEEP: 384:XLcygz0MjvwqZ9sYNsdCFLPHYS0v6smuBJUyL5nNqrlVKZURX9H566KDdQu5:Xho0UwesdCxgS06sVUEqOZU1W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d6f619675ab486e7ca5daa73532a5dd_JaffaCakes118
Files
0d6f619675ab486e7ca5daa73532a5dd_JaffaCakes118.exe windows:4 windows x86 arch:x86
137f13669d9429e1b0e7ac043f9d4a49
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
ExitProcess
GetStartupInfoA
lstrcmpi
lstrcpynW
GetNamedPipeHandleStateA
GetCommConfig
CallNamedPipeW
GetQueuedCompletionStatus
GetConsoleAliasExesLengthA
DosDateTimeToFileTime
FlushViewOfFile
EscapeCommFunction
GetNumberOfConsoleInputEvents
GlobalSize
_llseek
GetConsoleFontInfo
IsDBCSLeadByteEx
GetBinaryType
AllocConsole
ConvertThreadToFiber
CreateSemaphoreA
GetProfileStringW
TransactNamedPipe
RemoveDirectoryA
GetAtomNameA
ReadFileScatter
Sections
.data Size: 4KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ