8bcd5d0552846eb0a621789501a7ba0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bcd5d0552846eb0a621789501a7ba0f_JaffaCakes118
Size

109KB
MD5

8bcd5d0552846eb0a621789501a7ba0f
SHA1

35ebf146454a9d6ad3cd49abd6f2f126e751d48e
SHA256

fa797bfc34c005e48c190d6c0ba972a8e16b91dbd2ea764c937c4c8aa28d2654
SHA512

d2fd401055f7fc54b8e958d05e6a124cd8ecb72f9cc75954ee98b7aaff8a2e31996ecc34046fc37958ff789e7b642b2c90575d135a503bf9f0a2f86981094e15
SSDEEP

3072:hMuG/KcNelGdo0U3bYIT6oluTesGmf901wNf8qX:NDMdWjT6GBFmfC8fTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bcd5d0552846eb0a621789501a7ba0f_JaffaCakes118

Files

8bcd5d0552846eb0a621789501a7ba0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c745c24b0f867cadcabc8dcbdbe419b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
GetVDMCurrentDirectories
CreateTimerQueue
CreateDirectoryExA
DuplicateConsoleHandle
GetNumaAvailableMemory
SetHandleInformation
CreateFiber
GetCurrentThread
ReadConsoleInputW
GetNumaNodeProcessorMask

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 85KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE