3f6a558955f426a7f8fb26f6de1d766d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f6a558955f426a7f8fb26f6de1d766d_JaffaCakes118
Size

139KB
MD5

3f6a558955f426a7f8fb26f6de1d766d
SHA1

cfd53e9a621cbdc807d33cb92f5f677c9122eda4
SHA256

e2bdafa11af47e549555248dcb8630cb80cb6029a328cda70c54f9bf5b2a734a
SHA512

14bacdc3efa6d76f95d54694609f5c948425b498b8fde8a8eea07460f018f62e6624a8c27b8d4f9f23a36ea8fa4cd60533e1a7e12c00c13edf4099df9d929f63
SSDEEP

3072:pCkrtwQqSoV1c1fsFLKlr7M1Uvk+t8zbHzJPKl:pH/qL4sglr7Ma/tQzJyl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f6a558955f426a7f8fb26f6de1d766d_JaffaCakes118

Files

3f6a558955f426a7f8fb26f6de1d766d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d14bf9ec42028cef2cac4fc07df34ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
GetProcAddress
LoadLibraryA
UpdateResourceA

user32

GetAsyncKeyState
TrackPopupMenuEx
SetPropA

gdi32

GetCurrentPositionEx
GetMetaRgn

Exports

Exports

hwrfpwhcfnshwi
plinnhawlwrmyex
zhslfddbh

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ