8b6c0346f177060cf932dc39aedf687e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b6c0346f177060cf932dc39aedf687e_JaffaCakes118
Size

63KB
MD5

8b6c0346f177060cf932dc39aedf687e
SHA1

6a51405618113c1c9206e43f7f89de8b1f50bbf0
SHA256

51723cddb07b5ffb33dc5fea511e9112598ec9212a289f8b9d4965c7bac223e1
SHA512

c78ef5ef90179b61609334268f5d4eb4cad6a343e276ec0a67094d2dd32f13e98352aee500a2e54ecb00b7bf49ce3824f168e71c2efa225d0aa9f850d23d1ff6
SSDEEP

1536:q7ZBTksr9Segk2pS22B2vVNV3bLk78GsRMsrIXaa:YZXrTgk8SXmVk78nUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6c0346f177060cf932dc39aedf687e_JaffaCakes118

Files

8b6c0346f177060cf932dc39aedf687e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ec677eae8660d49a9cac627817a0725

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameW
GetConsoleAliasesA
FindFirstVolumeW
SwitchToFiber
Heap32ListFirst
FreeResource
GetConsoleDisplayMode
GetVolumePathNameW
InterlockedExchangeAdd
ReadConsoleOutputW
GetNamedPipeHandleStateW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE