82bf8ee4a45ff1782675fc2cd4a84a32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82bf8ee4a45ff1782675fc2cd4a84a32_JaffaCakes118
Size

296KB
MD5

82bf8ee4a45ff1782675fc2cd4a84a32
SHA1

dfeb9db15a6ae57fb55e79663a649e7eb7ff97bd
SHA256

a8d8c2269ef64cd1fd6ae3a78249da9a03b5aa8a74976c3b8f17bcb392cdbad2
SHA512

acb8beb86555f82685af60597d2a2f5e41eaf96b0c622116712dbfe06050d591c9930700928e7e5c063fa82175a6019738a538d2eb55f4ce0a2f4f5c7a9a3719
SSDEEP

6144:EjB02Vf2ZIdwdulq/Jx7D3KXncC9gn5q0QWJTQ6WTR0LJA:EjB1J/s7n3KXcC9g5q0JoTEJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82bf8ee4a45ff1782675fc2cd4a84a32_JaffaCakes118

Files

82bf8ee4a45ff1782675fc2cd4a84a32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea6e521ae59be5ab2e665e9a419f218e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CreateThread
HeapReAlloc
GlobalLock
GetCommandLineA
GetEnvironmentStringsW
MultiByteToWideChar
QueryPerformanceCounter
FreeLibrary
GlobalFree
GetFileAttributesA
lstrlenA
WideCharToMultiByte
HeapFree
GetCurrentThreadId
GetLastError
GetTickCount
GetCurrentThread
GetCurrentProcessId
GetVersion
GetModuleHandleA
VirtualAlloc

user32

PostQuitMessage
SetWindowTextA
EndDialog
SetWindowLongA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ