4587d570c10b2b1b0458c5a9b8ffc8bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4587d570c10b2b1b0458c5a9b8ffc8bc_JaffaCakes118
Size

59KB
MD5

4587d570c10b2b1b0458c5a9b8ffc8bc
SHA1

174365ba6e2512b0ce9dd0b0070ab8f90d12d3e0
SHA256

97ab75b9ab4e4a8a10a2b8f8289605c19bbfc727192c2005701926029d3a3487
SHA512

eff9d23f979488a65b726ebd530938aaee9f7ada9a739e0308298ea734c89e26cab236d7a7f86ee27887f0cfa17eb015cca3d077c41ece4392a29f81761cd394
SSDEEP

1536:kqWSDWeweHPGVLX2i1dNyaeEBXM8FWBsAB6CYfD67+QN:F6eHgXDd8g+kZyud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4587d570c10b2b1b0458c5a9b8ffc8bc_JaffaCakes118

Files

4587d570c10b2b1b0458c5a9b8ffc8bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdd5e0f450c2abdb09896fd48bc9a2dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
SuspendThread
Sleep
DeleteFileA
SetLastError
lstrcmpiA
CreateNamedPipeA
GetVolumePathNameA
GetModuleFileNameA
FileTimeToLocalFileTime
GetStdHandle
WaitForSingleObject
GetProcessHeap
lstrcmpiA
lstrcmpiA
HeapCreate
GetModuleHandleA
IsValidLocale
lstrlenA
lstrcmpiA
GetDriveTypeW
GetLogicalDriveStringsA
lstrcmpiA

scecli

DeltaNotify
SceSysPrep
SceOpenPolicy
InitializeChangeNotify

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ