08f8faa2ed49a9ed0c789ea49e191dae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08f8faa2ed49a9ed0c789ea49e191dae_JaffaCakes118
Size

244KB
MD5

08f8faa2ed49a9ed0c789ea49e191dae
SHA1

a5c87bf5cb3257ff923d0e3dd55e3ee56e852f33
SHA256

1e1365460a72abe96f9a42ba4e3ca545c58044bb014e2a25d7fc74b8fd05385f
SHA512

d69fcf4dc53e9f1cef42d3e6c31951ce7b4c2b0b54be7ef75a2467c6c720799d3599bd845a84212b967cd532ed2c1ec3e874ec89018c02c0ecfb2298dd3acbe7
SSDEEP

3072:O00bOePHDkUe0mVZLTYNAUnSptxldQIaevadbRS/LKfuEaLeYbnfLk8GuhSi:OHb5elZLFUSLsevadF+KfhzY5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f8faa2ed49a9ed0c789ea49e191dae_JaffaCakes118

Files

08f8faa2ed49a9ed0c789ea49e191dae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f69cbe801252d335ea57865d3bb68b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
TlsGetValue
GetCurrentProcessId
TlsAlloc
FreeLibrary
GetCommandLineA
CloseHandle
GetLogicalDrives
GetModuleHandleA
TlsSetValue
TlsFree
VirtualAlloc
Sleep
GetCurrentThreadId
GetModuleFileNameA
GetThreadPriority
IsValidCodePage
GetCurrentProcess
GetCurrentThread
GetDriveTypeA
GetSystemDefaultLangID

user32

BeginPaint
ReleaseDC
IsWindowVisible
RegisterClassA
GetWindowTextLengthA
CreateWindowExA
ShowWindow
GetSystemMetrics
GetForegroundWindow
GetWindowLongA
GetClassLongA
GetFocus
GetActiveWindow
UpdateWindow
GetWindow
OpenIcon
GetWindowTextA
GetDC
GetWindowDC

advapi32

IsTextUnicode
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ