0e509f605994f50480e9a81688e669ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e509f605994f50480e9a81688e669ac_JaffaCakes118
Size

319KB
MD5

0e509f605994f50480e9a81688e669ac
SHA1

b2dbd9d01643116c6b0d4a13c3b0da12570b373a
SHA256

b25b6745695c53f0f8b70ec039871a06962b1d550da2c0b9d3417f5643291892
SHA512

2c55785f5a8383f164e0d59505a226b68c8d212d30f9f12e9ee46067711bebfb67ecda232b67368afb1ccec95257847529821ff513f7352c7c83bae4872f8836
SSDEEP

6144:jTjgppdulQPWuOg78umwAJwsKAD56IUdc1oxebwXRcqA4152HwynSBAb:jvgpDulQPdOqm3ZDCcGxawXR/A45ynSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e509f605994f50480e9a81688e669ac_JaffaCakes118

Files

0e509f605994f50480e9a81688e669ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f726bd7f1f33fe7f5b219a2a5b49f3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateNamedPipeA
GetProcAddress

Exports

Exports

rofngxguhstvees
vlswndsdnqpwj
xgehpmgv

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ