Static task: static1
Behavioral task: behavioral1
Sample: 29b3e3f34e392a9b852ea1c9fa75b029_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 29b3e3f34e392a9b852ea1c9fa75b029_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 29b3e3f34e392a9b852ea1c9fa75b029_JaffaCakes118
Size: 58KB
MD5: 29b3e3f34e392a9b852ea1c9fa75b029
SHA1: 9e3dc328b9949e9b60589fad248ba11e85a873da
SHA256: 8d18f168aab04cdb3f6c4c5e121c31f884bbe091a468838ca4edcf1be5aacfe9
SHA512: 2784368f3b70618b0bb2400422e7e80e1b53ef9378f20a5f3f0da0df42d447caaa9ce6c02f3efd650ca5d38e56fe24a1c4c0c21a92c711485b3b95980488c002
SSDEEP: 768:LeL66DO30vAY3Ejt6PfHxOLCMJ2lM5M4FyXEI2vC7DUExDOZssGH3c:Le2pkvnG6P4LCMJ2l1gWEHUUsOZst
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29b3e3f34e392a9b852ea1c9fa75b029_JaffaCakes118
Files
29b3e3f34e392a9b852ea1c9fa75b029_JaffaCakes118.exe windows:4 windows x86 arch:x86
f09006a8ca9ac76446ae19514427009a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetLogicalDriveStringsA
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
FileTimeToLocalFileTime
GetStdHandle
lstrcmpiA
HeapCreate
GetVolumePathNameA
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
Sleep
SetLastError
OpenMutexA
lstrcmpiA
DeleteFileA
CreateMailslotA
GetDriveTypeW
WaitForMultipleObjects
GetProcessHeap
IsValidLocale
scecli
InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ