8269d1a61d296e2bc6195c4c0735c47d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8269d1a61d296e2bc6195c4c0735c47d_JaffaCakes118
Size

157KB
MD5

8269d1a61d296e2bc6195c4c0735c47d
SHA1

3df3070ad346154fe3831c4574501a142f99687c
SHA256

25f7292558d2a932769ef02aba5b11f9a7d71b1260fb55ad8aeba0dddd4dc83b
SHA512

ce3385376d64f8b4acfc1c752120be4ae5e3da7f58624435a497f4f14e34a85540674e6a4fcdfd05b9cb7975188ee8bd5a7b76b0497ddae43aaa23b77fc5623e
SSDEEP

3072:pHYNBi9HJxPGU8XX1JFcB5bp7ssxA+DN6i0ZxsM4kuKuP0oL+9Fx6V4TrqvL/G:ZYNBi9HJxuHz6B7DzDN69Cg+cShL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8269d1a61d296e2bc6195c4c0735c47d_JaffaCakes118

Files

8269d1a61d296e2bc6195c4c0735c47d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8980d33c4f1f365d0fa79f729eb462f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ExcludeUpdateRgn
GetCapture
DestroyWindow
ValidateRgn
InvalidateRgn
UpdateWindow
IsWindowEnabled
RealGetWindowClassA
ValidateRect
IsWindow
FlashWindow
ReleaseCapture
EnableWindow
GetUpdateRgn

kernel32

IsBadReadPtr
FindFirstFileW
ConvertFiberToThread
SetCurrentDirectoryW
CompareStringA
GetSystemDirectoryW
SystemTimeToFileTime
SetThreadIdealProcessor
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetLocalTime
GetStringTypeW
EnumResourceNamesW
SetErrorMode
SetEnvironmentVariableW
FindClose
LoadResource
FileTimeToSystemTime
GetShortPathNameW
RegisterWaitForSingleObject
LocalAlloc
GetCurrentProcess
FindResourceW
FreeLibrary
LocalFree
LCMapStringW
GetOEMCP
FindNextFileW
SearchPathW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ