8fed0fe1e28dddb90003af0d383a219b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fed0fe1e28dddb90003af0d383a219b_JaffaCakes118
Size

517KB
MD5

8fed0fe1e28dddb90003af0d383a219b
SHA1

3fd28999f2de701fdd578f25ea992d9a6e251db2
SHA256

2e35d8089e843639dcbb8788ab1c6965901a4b6a41f4f20cb59c5717b3c3137d
SHA512

4b5af086994f63f0a902f226fc6ee0045e50c78f00db68ebf523f8587d87f531b53f06b86ce7e2a748f4a516fe9ee8fc670d978b865ddc199550b445ca12f567
SSDEEP

12288:+ecAHnouJ1N/8NhATZiRdyL//k5+XyYLAvfZShIJp:+ecAIuf8AViRdyLu+CYMch0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fed0fe1e28dddb90003af0d383a219b_JaffaCakes118

Files

8fed0fe1e28dddb90003af0d383a219b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73020d49a391504654aebf0d607e34a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteFileA
GetModuleHandleA
GlobalFree
WriteFile
CloseHandle
lstrcmpiA
ReadFile
GetFileSize
GetModuleFileNameA
ExitProcess
CreateDirectoryA
CreateProcessA
GlobalAlloc

user32

ShowWindow
EnableWindow
EndDialog
GetDesktopWindow
DialogBoxParamA
GetDlgItem
SetWindowTextA
GetDlgItemTextA
wsprintfA
MessageBoxA
FindWindowA
SetDlgItemTextA
SendMessageA
SendDlgItemMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHBrowseForFolderA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ