426d813303fa20431f185cdf6b4865ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

426d813303fa20431f185cdf6b4865ba_JaffaCakes118
Size

1.1MB
MD5

426d813303fa20431f185cdf6b4865ba
SHA1

08cf75b5412c136e2bbf84c6804947140457a01f
SHA256

1dd3e1ad6df39dbacd068acf32443a4ddaf3a2d583f1be079e6bf8473ec3fcc3
SHA512

bc0f163aef0f3faf8518b0e72f1b654454def7394533806b21cbe26df6ee1023c65ca93683bed4f8cbb281ad755ccd0093a493d2abad70ebbf904faa98470396
SSDEEP

24576:rKAeN9lNBYjd6+yPnRn9fEWzC3HW6G+kuFiKFDahGNg2g2o:r+91PKTF14h6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
426d813303fa20431f185cdf6b4865ba_JaffaCakes118

Files

426d813303fa20431f185cdf6b4865ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8594d84e6183f0fbc3b233794fd769f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetModuleHandleA
FindResourceA
HeapUnlock
FreeResource
ConnectNamedPipe
SuspendThread
SetFilePointer
SetThreadContext
GetCurrentThread
CreateNamedPipeA
HeapAlloc
PeekNamedPipe
ReadFile
LockResource
CloseHandle
OpenEventA
GetLastError
GetFileAttributesExA
CreateFileA
ExitProcess
GetNamedPipeHandleStateA
CreateThread
LoadResource
OpenThread

Sections

.text
Size: 734KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 395KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ