36ec838b58bbc1abc40a2afe09f8dff3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36ec838b58bbc1abc40a2afe09f8dff3_JaffaCakes118
Size

109KB
MD5

36ec838b58bbc1abc40a2afe09f8dff3
SHA1

4de4bf3c52b54ae0b3d0d6f7380939680dacd153
SHA256

b6217a48cfd5503f1d272a8ea69a8900eeb2c69cf17bbf6902fba8e9f0971012
SHA512

28bf37347f20d7911ba281f7c2793afde13fbb8b9ff19be733e97483374d01f98fffbf94b02cf050e5c9680bc359aa215f3e0bf85dfcd1497877438d63e642af
SSDEEP

3072:IZ9ApCs8eQKIyswp7F9CoKkcEOtCjyfKI0OphD:IZ9ArQ3wxF/KxbfrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36ec838b58bbc1abc40a2afe09f8dff3_JaffaCakes118

Files

36ec838b58bbc1abc40a2afe09f8dff3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f726bd7f1f33fe7f5b219a2a5b49f3c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateNamedPipeA
GetProcAddress

Exports

Exports

xhpkihhuzea
yhhzsenlpptuxdy
ynmjngmwehx

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ