102b48f2a8a3e664f42148f95487f11c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

102b48f2a8a3e664f42148f95487f11c_JaffaCakes118
Size

56KB
MD5

102b48f2a8a3e664f42148f95487f11c
SHA1

c286eaad0b501d57ebeecbde78a7799f02674e1e
SHA256

aafe761f984efe1817dcf2f855952b51510fc2c3e4c653d1b2ba7987b7816e34
SHA512

12c572e2494a9c9c2e8efb2896359f857488512b904d0a5e8b0d85bace883c5178ecde76bfea85d70b85d1bff389cdb11ea1e840e3672510a4f41f929c786d3d
SSDEEP

768:3EHFJoVoiJYdPUhnVnwAJrZmRz4Qkd0eSnayVJuQlT3vCml3UMfqjAQZ2idJEcGn:38ywS+Dnayn9T3BFEAQZG/b6DzFeGvvU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
102b48f2a8a3e664f42148f95487f11c_JaffaCakes118

Files

102b48f2a8a3e664f42148f95487f11c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9aab0da86b713e52fcae460c80862413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumTimeFormatsW
CreateTimerQueueTimer
GetUserDefaultLangID
FindResourceW
WaitNamedPipeA
CreateFiberEx
GetConsoleAliasExesLengthA
InterlockedIncrement
InterlockedExchange
LZCloseFile
CreateMailslotW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE