8ec8deba1bb615b3ac29156ab8dccf27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ec8deba1bb615b3ac29156ab8dccf27_JaffaCakes118
Size

100KB
MD5

8ec8deba1bb615b3ac29156ab8dccf27
SHA1

65a769e32e04cba897d318aa8d8c5f975a0a1f0c
SHA256

f81ce057cb08c6984d1cf3128a1f9347eb1ba23292c9e25a3de5c282a6e12d42
SHA512

089db57f289d6c137f3cc8e1eeff782bf31694488aae4382e51237869dfd93ba76350f2d0c67b6865b87dda97d14310fa5d3edf842939c4d32e89e94403298bb
SSDEEP

3072:DwvZmgCfh0QhEhPhc89xTliy5hSS3mYJrbZXoJjp:DeWBhk9xBx53menpoT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec8deba1bb615b3ac29156ab8dccf27_JaffaCakes118

Files

8ec8deba1bb615b3ac29156ab8dccf27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92f796152f52f3c4dc68fd47f1aa7593

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnfix
ReadConsoleA
HeapUsage
RestoreLastError
InterlockedIncrement
EnumResourceLanguagesA
VirtualBufferExceptionHandler
GetHandleContext
SetFileTime
DisconnectNamedPipe
GetConsoleHardwareState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE