Static task
static1
Behavioral task
behavioral1
Sample
e8e7fc5acadd62f29a037ad9d8aa3092_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
e8e7fc5acadd62f29a037ad9d8aa3092_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
e8e7fc5acadd62f29a037ad9d8aa3092_JaffaCakes118
Size
208KB
MD5
e8e7fc5acadd62f29a037ad9d8aa3092
SHA1
a3dbd689c5ef4e3621b50fd4b9953bee77b0993d
SHA256
c75e5748ae1becb70cd0c13cb0bb2be2c18bbebd6d8c364a95eb9b0a9758b7b0
SHA512
ab0eab188cd5494eb8095bb214fddf1a70dfbdfc79f4e1d95c2029ff6f19acd3e73886f202c189a8823c2c3bcdce0ef4b026d265aef3ffadfe76d3be126a1821
SSDEEP
6144:3FJrz67AMf39mZqWsBemz4kSiXgE1S3V6EZ1+WIG:Tz6UOmZ0BeVI0UEZQTG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e8e7fc5acadd62f29a037ad9d8aa3092_JaffaCakes118
Files
e8e7fc5acadd62f29a037ad9d8aa3092_JaffaCakes118.exe windows:4 windows x86 arch:x86
a4622c9bccc088d29556a3abc7c1e795
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleWindow
ResetEvent
SetFileApisToOEM
HeapFree
GetDiskFreeSpaceA
WriteConsoleOutputCharacterA
SetFileAttributesA
GetSystemDirectoryA
GetVersion
WritePrivateProfileStringA
IsValidCodePage
GetCurrentThreadId
VirtualAlloc
SetErrorMode
GetExitCodeThread
ReadFileEx
SetComputerNameA
FindVolumeMountPointClose
FindFirstVolumeMountPointA
GetProfileIntA
GetFileAttributesExA
RemoveDirectoryA
CreateDirectoryExA
HeapSize
ResumeThread
GetCommandLineW
LZCopy
GetNumberOfConsoleFonts
HeapAlloc
WriteConsoleA
VirtualLock
SetFilePointer
ws2_32
socket
Sections
.itext Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 168KB - Virtual size: 828KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ