Static task: static1

Behavioral task: behavioral1
Sample: e8d929e37e6a9a4a2f371da8594b4fda_JaffaCakes118.exe
Resource: win7-20240319-en

Behavioral task: behavioral2
Sample: e8d929e37e6a9a4a2f371da8594b4fda_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: e8d929e37e6a9a4a2f371da8594b4fda_JaffaCakes118
Size: 166KB
MD5: e8d929e37e6a9a4a2f371da8594b4fda
SHA1: b0f933b501b36f5ff05be839fb0c7249d061283d
SHA256: eaf76c75feabdaeb4d02e7fb56bd6311bb026977ae515d71aa08250882633533
SHA512: f64fd78926ddda332882d6c432d6d2e26849af82dfaf876ec0e75a524469a8ce952b59334a24889e3a290b2bc958b8fa4f9b5300da25351505786d3c54a787ee
SSDEEP: 3072:IceEOrLX556GulAR+R8sniq3HjG57d7ALbn0OSRC+8RASlvM:IfEO/X556tlARg8snHTaWLb0OSA+2Ay
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e8d929e37e6a9a4a2f371da8594b4fda_JaffaCakes118
Files
e8d929e37e6a9a4a2f371da8594b4fda_JaffaCakes118.exe windows:4 windows x86 arch:x86
bb5699042a1b144af337c4e1b78f7f4e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveFileSpecW
PathCombineW
SHGetValueW
PathAppendW
PathFileExistsW
kernel32
FindResourceExW
GetCalendarInfoA
CreateFileW
GetProcessAffinityMask
ExitProcess
FlushInstructionCache
GetPriorityClass
EnumResourceNamesA
FindFirstFileW
LockResource
GetCurrentDirectoryW
SetCurrentDirectoryW
GetLocalTime
SetFilePointerEx
LoadResource
msimg32
AlphaBlend
TransparentBlt
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 87KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ