386525b6e034c1bd76f7bb3989a1e501_JaffaCakes118 | Triage

Sharing

General

Target

386525b6e034c1bd76f7bb3989a1e501_JaffaCakes118
Size

86KB
MD5

386525b6e034c1bd76f7bb3989a1e501
SHA1

813f573f6f568e627b39d37934e345579dd9ddf9
SHA256

a0163eda40a2662b6124fbb531fe9dd7c24a0d218b88950daf61cb89c0e1c77c
SHA512

dfd2ec336ba1a3ac1518c678003cd684195c8147feaffd7b5c3fa29b26dc0ed5b597da23bf860ff441ae87af818f9e691e03e3eaeada78fa2ae18cc9f481fb48
SSDEEP

1536:mQWQK1NNFIOp4GhVrwfJw01lKdA0E9GaZNRb2fTYU0t0l5snR+7WGDFBj3P7fzI8:mQf8EhgVrwS0jEU9G+jax0t+Ss7WGDrh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386525b6e034c1bd76f7bb3989a1e501_JaffaCakes118

Files

386525b6e034c1bd76f7bb3989a1e501_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82479c74b06b2b80fb8abac293504fc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetConsoleCtrlHandler
Module32NextW
BackupRead
GetProcessWorkingSetSize
CallNamedPipeA
SetUnhandledExceptionFilter
GetProcessHeap
WriteConsoleInputW
SetNamedPipeHandleState
GetConsoleCommandHistoryLengthW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ice
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE