008ff8d9f4aeee585ee8b6a35413c198_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

008ff8d9f4aeee585ee8b6a35413c198_JaffaCakes118
Size

162KB
MD5

008ff8d9f4aeee585ee8b6a35413c198
SHA1

445f6df35c99dbcc02382c4c229fcab05dd0407a
SHA256

4c5d0ad06a3f5d6683fdc11869b4d5ea55a6fa6bfe0c15bdca66a8ca934f6a8e
SHA512

87251efcbea924cf2f1d76f2cda699825494034749f2eee89fed86bd2cbdf194923054ad98276b738ceae673ad9d4892b650aff49efa5e1db18deec348dab74c
SSDEEP

3072:/sStppTjGxJ002cpixN65Pe42IDs1qSpVaqmUf1MWFLRwmb/nBEVtzqkyHMSfyzv:XppTkSAWNIPe4JDsciV2O19FNUExHzfy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
008ff8d9f4aeee585ee8b6a35413c198_JaffaCakes118

Files

008ff8d9f4aeee585ee8b6a35413c198_JaffaCakes118
.exe windows:54282 windows x86 arch:x86

2aadd1eaa1894e99d1f04ddbb4c4dbca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
GetDC
CreateWindowExW
LoadIconW
SendMessageW
LoadStringW
GetSystemMetrics
PostMessageW
GetWindowRect
LoadIconW
ShowWindow
ShowWindow
DefWindowProcW
SetCapture

advapi32

RegOpenKeyW
AllocateAndInitializeSid

gdi32

CreateBitmap
GetDeviceCaps
GetDeviceCaps
MoveToEx
SetBkColor
CreateSolidBrush
StretchBlt

kernel32

GetCurrentProcess
QueryPerformanceCounter
VirtualFree
lstrlenW
FreeLibrary
MultiByteToWideChar
GetTickCount
GetCurrentProcess
GetTickCount
GetCurrentProcessId
LoadLibraryA
GetModuleHandleA
QueryPerformanceCounter
GetCommandLineW
ExitProcess
LocalAlloc
VirtualAlloc
lstrcmpiW
VirtualFree
VirtualFree
SetEvent
SetEvent
VirtualAlloc
GetModuleFileNameA
GetACP

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ