8b9176949078347ca31c12ce79b4892c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b9176949078347ca31c12ce79b4892c_JaffaCakes118
Size

57KB
MD5

8b9176949078347ca31c12ce79b4892c
SHA1

45c552d5f5c78bddf0c1e71cd0aa45ef299ebfe0
SHA256

339406b91896650961bf7057720cad46590b5438d18cedb35bc598a5ee76bb76
SHA512

419a8df16a1976431c75912042077b3be9fa43bd6ca3cd8d62e0f8b821ee65e0404479b7c81d3506227010502488dd299413e2a692c85d45fd0d2ed6094c3d2d
SSDEEP

1536:fm4T6fRCgvsXsjOyP8TsYMuIH4/W+PD3bER2LNwYxvtI0:fm8gRHvI+OyPMWuIHCW+sALN7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b9176949078347ca31c12ce79b4892c_JaffaCakes118

Files

8b9176949078347ca31c12ce79b4892c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6ef982648a1996efed0ab816dfdb6a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
GetProcAddress
GetCommandLineA
GetConsoleMode
GetModuleHandleA
InvalidateConsoleDIBits
VirtualProtect
VirtualQuery
VirtualAlloc
WriteProcessMemory
VirtualFree

iphlpapi

GetAdaptersInfo

ws2_32

select

advapi32

RegSetValueExA

ole32

CoCreateInstance

oleaut32

SysStringLen

Sections

.code
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE