1053223ce676df13a66b87ef8549cd01_JaffaCakes118 | Triage

Sharing

General

Target

1053223ce676df13a66b87ef8549cd01_JaffaCakes118
Size

319KB
MD5

1053223ce676df13a66b87ef8549cd01
SHA1

9bcd48ee121278b3008b72fae5203860675b4698
SHA256

72cd21d91e4bcc6d77509c80d7b0fa078318f7ff247f16d064ab391f2b5df6bd
SHA512

3b522266fdd0bddcaa3d5154f87dda8c95cb38a3a60f2531d8f4e735559a6b8a894e9d73c88b282a0719469ad98480372c5d5733654713edc8745c2f51d8ae72
SSDEEP

6144:jTjgppdulQPWuOg78umwAJwsKAD56IUdc1oxebwXRcqA4152HwynSBAm8:jvgpDulQPdOqm3ZDCcGxawXR/A45ynS4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1053223ce676df13a66b87ef8549cd01_JaffaCakes118

Files

1053223ce676df13a66b87ef8549cd01_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f726bd7f1f33fe7f5b219a2a5b49f3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateNamedPipeA
GetProcAddress

Exports

Exports

rofngxguhstvees
vlswndsdnqpwj
xgehpmgv

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ