08ce578e8544fabf963c19d949d52dac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08ce578e8544fabf963c19d949d52dac_JaffaCakes118
Size

799KB
MD5

08ce578e8544fabf963c19d949d52dac
SHA1

58fd497a4114bb0bfb9e90b6bb31d6ca76c7f195
SHA256

7a4ff3955682fa77caba0bdd3bcf9b520e9b8a587da6a0d5d3c61955639ba9b8
SHA512

ce72c07ceb8693902091e14921290f76a8b718b3ccb9e64632ce2b32afa822a746bd28845bca153aac60ec0d386e4436869fcaedc3b9b0517eff8429570ad871
SSDEEP

12288:UMRYx679KMjTgwMDn956jmvY5Un0wJGGopylCRcMgCJTR1zLtituUXJOlCBSXOOH:Un6RKKKL7LBlQcHoTRfAuUAlCevSr76

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ce578e8544fabf963c19d949d52dac_JaffaCakes118

Files

08ce578e8544fabf963c19d949d52dac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

99cfdb8a15c99bc7e6cb8a12fb6994e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ResetEvent
MapViewOfFile
GetStringTypeA
FindClose
HeapSize
SetLastError
GetFileAttributesA
VirtualProtect
RemoveDirectoryA
GetExitCodeThread
TlsGetValue
GetModuleHandleA
FindResourceA
GetLocaleInfoA
IsBadWritePtr
GetProcessHeap
CreateDirectoryA
GetFileAttributesA
IsValidCodePage
GetDriveTypeW
GetTickCount

user32

GetCapture
GetWindowTextW
LoadImageW
LoadCursorA
DispatchMessageA
PeekMessageA
PostMessageW
IsWindow
GetWindowLongW
IsDialogMessageA
SetFocus
SetCursor
wsprintfW

msaatext

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE