fd1b68aa0bf08c6341ec3dee1ddcccca_JaffaCakes118 | Triage

Sharing

General

Target

fd1b68aa0bf08c6341ec3dee1ddcccca_JaffaCakes118
Size

15KB
MD5

fd1b68aa0bf08c6341ec3dee1ddcccca
SHA1

88a13c0dbcab202d652152732d6711858179c44f
SHA256

cc800a14d3cd597654f5d36b09017c84234953fe68a06f2cb54f79fa804dbc78
SHA512

f2bb11225480a732178cdf3715acc4d6d2cd8cb6a4da22a51bae52244c61e94eb43dc1a41be99b7ede52bafb584480e5e17390cb719eda3bb00be0c8681dcda3
SSDEEP

384:i2fz1FPMnH4DA2zeY6G2qXN7ZmvH9uOVaLBMMhhb7VQrGO9ii2vwhY1Pd0jbpVZD:dFkH402yY6G28N7Zm/9uG5uhb7VQrGRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd1b68aa0bf08c6341ec3dee1ddcccca_JaffaCakes118

Files

fd1b68aa0bf08c6341ec3dee1ddcccca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28eb917eed0addb36e4329edbb5369d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualLock
IsBadStringPtrW
CreateJobSet
GetNumberFormatW
FindNextVolumeW
GlobalFree
WriteConsoleOutputW
GetNumaAvailableMemory
WaitForDebugEvent
VDMConsoleOperation
WideCharToMultiByte

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE