Static task: static1
Behavioral task: behavioral1
Sample: 08f7e8863c97ec7d54b140fe8075f93b_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 08f7e8863c97ec7d54b140fe8075f93b_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 08f7e8863c97ec7d54b140fe8075f93b_JaffaCakes118
Size: 26KB
MD5: 08f7e8863c97ec7d54b140fe8075f93b
SHA1: 65b6ac6067ff6926784d3db99d357ef000443c6e
SHA256: 1af7fa2ea9ff1523990971c7cd185c9862e3fdf3dc2543b8c35589d1d075d5b9
SHA512: 2e73beb73d59e0e8839707ddc7b7a51de755d09af39c7329b4287d4f2479132c117e00aef59043fceabe98a89f0db1f98814648d0bd9e5d1b96e471346c41752
SSDEEP: 384:/XNoOOuK+byHxYBwHTSdPQi2BiQu+jOUSbvTLKmUJNiwurdcf6Dq/Vb96:/XjyHSBwaPEXvSvfrifZ/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 08f7e8863c97ec7d54b140fe8075f93b_JaffaCakes118
Files
08f7e8863c97ec7d54b140fe8075f93b_JaffaCakes118.exe windows:4 windows x86 arch:x86
62b976b283cf2b9f0bd57647c010cc21
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CreateThread
SetFileAttributesA
GetModuleFileNameA
GetLastError
CloseHandle
ReleaseMutex
OpenMutexA
WinExec
GetTempPathA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
WaitForSingleObject
ExitProcess
CreateMutexA
lstrlenA
CopyFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
VirtualAllocEx
VirtualProtectEx
VirtualAlloc
GetModuleHandleA
WriteProcessMemory
SetThreadContext
GetThreadContext
ReadProcessMemory
VirtualQueryEx
TerminateProcess
Sleep
ExitThread
GetTickCount
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
msvcrt
fopen
fclose
fseek
ftell
fread
??2@YAPAXI@Z
malloc
sprintf
rand
_except_handler3
strncmp
exit
strstr
strncpy
atoi
strcspn
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE