52c017a17479a28b2b68a913cff65f07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52c017a17479a28b2b68a913cff65f07_JaffaCakes118
Size

83KB
MD5

52c017a17479a28b2b68a913cff65f07
SHA1

647fd9af441494cde5832a1932dfb806b4803fb3
SHA256

b89e21b2b9171cb9b9280528c10f7d7c2814f7dfbba77b27ccda3b361f02cfab
SHA512

6c7fbc01d10b61c5fbacbec65ad2f476169d7ccde359db9b4a5effc2b5ceedf13e96944e6d77e392e8a3268f9468b1dbc2938414ae09a3787eaf72ca93172735
SSDEEP

1536:Q5o7AlLky1z+pRG279Z6Xza3z7he/NQzSg2/pjVrs2ryrd1vUQuqwcizSkX:0o78xK229Z83NQJ6Hs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c017a17479a28b2b68a913cff65f07_JaffaCakes118

Files

52c017a17479a28b2b68a913cff65f07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5939460e7bb1e6f7a8bd72239344b590

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenDataFile
QueryPerformanceFrequency
GetCommState
GetProfileStringA
SetCommState
GetPrivateProfileIntW
TransactNamedPipe
SetVDMCurrentDirectories
RegisterConsoleVDM
lstrcatW
TlsGetValue

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE