e8af47111c0f4bea37edc2c30ea5c168_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8af47111c0f4bea37edc2c30ea5c168_JaffaCakes118
Size

80KB
MD5

e8af47111c0f4bea37edc2c30ea5c168
SHA1

3f1083feaae57a6e3a85da60dc88c017e09274c6
SHA256

ae1afd6234affce622086a922b0efcdad310a201f8cb04852e94a39ce109b01e
SHA512

e6280dc157e1e18af430adcc19bb71f5f2f5febb16ad31bc84261b2884a53672a36b97f6ca984650266dfe92d7d48dbcfc5d13d7ec1d75362877b01f9d6660c8
SSDEEP

1536:WpEhECMD5gcYIIRTxT1HU9HVsRF2aux/1ieUNAnFO9H:Wp7tgZB5HUh2RIs8Fm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8af47111c0f4bea37edc2c30ea5c168_JaffaCakes118

Files

e8af47111c0f4bea37edc2c30ea5c168_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf1c4ec3d66ac361b39e569ab1552892

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
FindFirstFileW
FileTimeToSystemTime
SuspendThread
CreateFileW
GetLocalTime
WriteFile
GetFileSize
LoadLibraryW
GlobalAlloc
GetCurrentProcessId
GetProcAddress
CloseHandle
CancelWaitableTimer
DeleteFileW
LoadResource
FreeLibrary
WaitForMultipleObjects
ResumeThread
LoadLibraryA
lstrlenW
SetLastError
MulDiv
GetFileAttributesExW
GetSystemTime

gdi32

CreateCompatibleDC
SetDIBits
MoveToEx
SetBkMode
LineTo
CreateBitmap
Rectangle
DPtoLP

Sections

.fifge
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.irnqii
Size: 4KB - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srwdtb
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE