54bf1dd27907d170fa285eb978393a94_JaffaCakes118 | Triage

Sharing

General

Target

54bf1dd27907d170fa285eb978393a94_JaffaCakes118
Size

7KB
MD5

54bf1dd27907d170fa285eb978393a94
SHA1

515a3dbab5f0634b3441c0f3c7bf933c74c6267a
SHA256

6d9838efc8584af2e3a3a6fc17f157e8f489667111aabf1a5b23c64a6647efaf
SHA512

cfdc1bf50d60e17bd68e2c406f5eac58d05aaae7122d65cdd855e54249cc7acbba34ba248e1cff08d287703e5fe1d3f7bc80eca5a87a278bc64e67e342a85d3f
SSDEEP

192:u+idCjDTtYJaQQR1rVf4vbGfK/pgxoExIKX1fsf:NiuftTQQR1rVf6meGuQ1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54bf1dd27907d170fa285eb978393a94_JaffaCakes118

Files

54bf1dd27907d170fa285eb978393a94_JaffaCakes118
.exe windows:1 windows x86 arch:x86

999dbb570aed24b76501a0fea9c9f364

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteW
SHGetFolderPathW
SHGetUnreadMailCountW
SHFormatDrive

kernel32

CreateMailslotW

ntdll

LdrInitializeThunk
LdrAccessResource
NtAccessCheck
NtAddAtom

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4B - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE