ff48ff33ae1a23a2fdaf07492c9d6631_JaffaCakes118 | Triage

Sharing

General

Target

ff48ff33ae1a23a2fdaf07492c9d6631_JaffaCakes118
Size

109KB
MD5

ff48ff33ae1a23a2fdaf07492c9d6631
SHA1

8c2448e9c43a154be46e8260bb9c3b66dee99f2a
SHA256

de751b15e97c8e2653d5f0861379bedd9be71f6696f95b0c364635d184420c74
SHA512

901e9802d60aaf8e76d513c9aa3fd6b0cfc631b2819b9c484e08f7953d432961812c4a93bd5556f9fc776dcc1209e41722e9f0050c464948915aaa57f23e87bd
SSDEEP

1536:3+ZlAp4wbapA52ggOrjIj3q0CmDU/nRu+YgCrmr/Ojtr6V6hE6Ha8AjEsSfJhL0p:3+vpQ2g7sPUvRLkir2jtr6VCapJ6xuo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff48ff33ae1a23a2fdaf07492c9d6631_JaffaCakes118

Files

ff48ff33ae1a23a2fdaf07492c9d6631_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f563229a45ecde155407c117b652570a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
GetTickCount
ReadFile
CreateWaitableTimerA
GetConsoleTitleW
lstrcmpiA
GetDriveTypeA
GetExitCodeProcess
GetLogicalDrives
SetStdHandle
SetLastError
GetStdHandle
lstrcatW
IsValidCodePage
GetBinaryTypeA
TlsAlloc
GetPrivateProfileStringA
EndUpdateResourceA
GetLocalTime
HeapCreate
SetPriorityClass
CreateNamedPipeA

netshell

NcFreeNetconProperties
HrLaunchConnection
DllGetClassObject
HrGetIconFromMediaType

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataz
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpcx
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ