8e35d9c154cfdb1709bfcd36bb3d4832_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e35d9c154cfdb1709bfcd36bb3d4832_JaffaCakes118
Size

83KB
MD5

8e35d9c154cfdb1709bfcd36bb3d4832
SHA1

c2d274908a2fac73fda12d5cce95907994e91d8c
SHA256

0ff2acd7e64c27e3e13f67dce7db74f4ccb6db710a489a46423c70cd25ccf933
SHA512

3b96eaa3841339dbf9b9b2737ece0d56388ae97fb4f2311d127eb87c8793bc225e163ea05161a5ee7169571288abb50498a52a9135e72fd50bfc7e23e8e47651
SSDEEP

1536:Bvi8TSzs2fn7KM+vAjgBajjs/hZy0lzX4IytjEErxTWDTMqhGKYIZTET8bDQ:FhTSzsSuCsgkZy0lj4IytjBkMqhGKZTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e35d9c154cfdb1709bfcd36bb3d4832_JaffaCakes118

Files

8e35d9c154cfdb1709bfcd36bb3d4832_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c015de5de0d50213e4f3b53d80de0913

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
Process32FirstW
LZCreateFileW
BindIoCompletionCallback
SetComputerNameA
OutputDebugStringW
BaseQueryModuleData
AddAtomW
ConvertThreadToFiber
CreateWaitableTimerA
DosPathToSessionPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE