8256e22bec642c7de13fd4a0f86205f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8256e22bec642c7de13fd4a0f86205f2_JaffaCakes118
Size

152KB
MD5

8256e22bec642c7de13fd4a0f86205f2
SHA1

c29de631613fdabf7d1473174dfc6fe15566cca4
SHA256

613e363197f8cc62942985039b9691cdb3307a3c8789503c42847b983a504af3
SHA512

486b370b17e62fc7ebbee6c9a554b34822bbf26bccbc1bbe4a8fa5f104144b2da3fab6d40f7765da175ba1d70a7b2104935a2967703d51325141d786d89bf1fa
SSDEEP

3072:QbHFLiMGq9H8hRa1wlPEeMPPsJDHWHULjM:g5A8w5aCW0LjM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8256e22bec642c7de13fd4a0f86205f2_JaffaCakes118

Files

8256e22bec642c7de13fd4a0f86205f2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e741f467210af2b2a4fb830fdeb68b8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
InterlockedDecrement
CreateFileA
GetModuleHandleA
FindFirstFileA
GetDateFormatA
lstrlenA
HeapSize
GetTickCount
SetStdHandle
LeaveCriticalSection
IsBadReadPtr
GetThreadContext
GlobalAlloc
GetConsoleOutputCP
ResumeThread
lstrcpyA
GetACP
ReadProcessMemory
Module32First
GetStartupInfoA
SetThreadAffinityMask
lstrcatA
GetVersion
VirtualQueryEx
GetConsoleCP
TlsSetValue

msvcrt

_except_handler3
_popen
__p__fmode
memcpy
exit
iswctype
_setmbcp
_ismbcl2
wcscspn
__set_app_type
_wexecve
__getmainargs
_beep
_ui64tow
_ultow
cosh
_adj_fprem1
_acmdln
_wcmdln
_adjust_fdiv
_mbscmp
strtol
_set_sbh_threshold
_XcptFilter
_controlfp
wcscoll
_i64tow
_ismbbalpha
_wenviron
_open
_exit
_initterm
_getw
__setusermatherr
_wspawnle
_setjmp
__p__commode

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ