8308c328f991532ad4cedb92f531d4df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8308c328f991532ad4cedb92f531d4df_JaffaCakes118
Size

220KB
MD5

8308c328f991532ad4cedb92f531d4df
SHA1

94246b490ee59d5600d1c31aa91fda0222d3c6d4
SHA256

8f1d1e62ebac7aba1b53e3da5e624f6b1e44dc69c03d9264129955e1303602c1
SHA512

a7a1bd55305bdf990425576cf4383f5552e480d441df4b23b8ee06406fe12b2b91fcb565b373f6eabc864e544e98add75fee096bd078f52a0800deda91d50992
SSDEEP

3072:I9arb0BLF+WEIYqLYFiYczOTtQ9mNaWEUGwdLkxs/NYwlCjW6EQmWTgNLI0GW:4zD+3IjKcUrlGwRasFYgCFEQmKgS0GW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8308c328f991532ad4cedb92f531d4df_JaffaCakes118

Files

8308c328f991532ad4cedb92f531d4df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e20fb31465417b977e19096f4ea76d87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDllDirectoryA
VerSetConditionMask
SetConsoleTitleA
RtlZeroMemory
CloseHandle
RtlUnwind
RtlMoveMemory
RtlFillMemory
RtlCaptureStackBackTrace
RtlCaptureContext
ReleaseActCtx
ReadConsoleW
ReadConsoleA
ContinueDebugEvent
lstrcpyA

ntdll

RtlReleaseMemoryStream

user32

ClientToScreen
PaintDesktop

ole32

StgCreateDocfile

advapi32

SetNamedSecurityInfoA
RegUnLoadKeyW
ConvertSecurityDescriptorToAccessW

gdi32

SetStretchBltMode
UpdateColors
GetDCBrushColor
LineDDA
AddFontResourceA

compstui

CommonPropertySheetUIW

Exports

Exports

sEtn7L8k6BuspzRk2

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 721B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ