08e58e2566cd7a38bc4d4a771030d5e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08e58e2566cd7a38bc4d4a771030d5e9_JaffaCakes118
Size

368KB
MD5

08e58e2566cd7a38bc4d4a771030d5e9
SHA1

230f98afe91212e5b743709260619ee8ff22c2b3
SHA256

ca83df00c9fb841bc6944ea1bd35d29a642dd24bdf7288fabc6f4cd1ee871ec8
SHA512

cfa9951d40e9166f94c091abb8bbabe3d0fa6d6f44094e60bdd68267a2610975d7f7c3775e844fcfb6db77795576da99238c6e57c1454fad85539e154d00b5bd
SSDEEP

6144:FjRMrShrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:FjRMQrpDneFNzino7IUHybPzQjUeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08e58e2566cd7a38bc4d4a771030d5e9_JaffaCakes118

Files

08e58e2566cd7a38bc4d4a771030d5e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18cbbfee9a4533d173bcd512cc91d994

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateEventW
GetCurrentThreadId
SetEvent
ResumeThread
LocalFree
EnterCriticalSection
TlsGetValue
GetDriveTypeW
FindClose
SetLastError
lstrlenW
GetConsoleAliasW
GetPrivateProfileStringW
GetCurrentProcessId
FindAtomW
HeapCreate
ReadFile
EnumCalendarInfoW
GetNumberFormatW

user32

GetKeyboardType
CallWindowProcW
IsWindow
DispatchMessageA
GetMenuInfo
SetFocus
GetSysColor
GetCursorInfo
GetClassInfoA
GetKeyState
GetClientRect
DispatchMessageA
DrawTextA

unimdmat

UmCloseModem
UmCloseModem
UmCloseModem
UmCloseModem
UmCloseModem

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ