e8f9a8a3ebc2982787e9bb4a3d6bf3df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8f9a8a3ebc2982787e9bb4a3d6bf3df_JaffaCakes118
Size

9KB
MD5

e8f9a8a3ebc2982787e9bb4a3d6bf3df
SHA1

e062b857385b0484a9929aba847c232d67ce8a15
SHA256

44cbca6f46e9c39b62047adc4c7aa9fcd7ae1da52226ab8e5826a7e905028f7b
SHA512

367a82f08d4ea744309e919332502c6cca97719a2a93af253e8a24343bdaddda546d1681c689a100a599a43f3a6a017120983a12ca45b8401e92c0202f81e26b
SSDEEP

192:6EMY2iXlH/6yG2SQCvDFZCzXs8umtc5iv4nMmGr:6M2lyGxQKDXCzXVI5Dn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f9a8a3ebc2982787e9bb4a3d6bf3df_JaffaCakes118

Files

e8f9a8a3ebc2982787e9bb4a3d6bf3df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3a008f4f08a505723cdb1f0aaf0d3a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
GetProcAddress
LoadLibraryA
VirtualProtectEx
GetThreadContext
CreateProcessA
GetCommandLineA
SetThreadContext
ReadProcessMemory
ResumeThread

user32

GetDC

gdi32

SetTextColor
GetTextColor

Sections

.rdata
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE