8c08d5da40a0df0412b52cd6260821cb_JaffaCakes118 | Triage

Resubmissions

11/08/2024, 21:31

240811-1dfjkstcph 7

11/08/2024, 21:26

240811-1anqsaygmk 7

Sharing

Copy URL Twitter E-mail

General

Target

8c08d5da40a0df0412b52cd6260821cb_JaffaCakes118
Size

312KB
MD5

8c08d5da40a0df0412b52cd6260821cb
SHA1

f4cf1d1f598ea3598a70b8c7633e999cff78412b
SHA256

3c3bd50accd69b7b8b9cf46f5b08f02e371348a66e309b800e578fd8f2fb43aa
SHA512

e7c5610a53bc25be816984b38f8911192b2b76bafc6dcc362e35ac92f2351c5a10da11afe8b9eff4af9987d38d48f6897bd0304d73c632313f71e6724a45b118
SSDEEP

6144:GrTuETVyp+zFTan/bdV+6A5iP2naGmzvXYu5aRCaMMQG:GWr+zUDvA5eYYvYiaPMY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c08d5da40a0df0412b52cd6260821cb_JaffaCakes118

Files

8c08d5da40a0df0412b52cd6260821cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80c6e0b7c7a154a60dbb6c433ec2b841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetSystemDirectoryA
GetCurrentProcessId
GetStdHandle
OpenMutexA
SetEvent
GlobalFree
ReadConsoleA
GetCompressedFileSizeA
GetCurrentThread
FlushFileBuffers
GetLocaleInfoA
GetCurrentProcess
LoadLibraryExA
IsDebuggerPresent
VirtualProtect
GetCommandLineA
RaiseException
InterlockedExchange
HeapCreate
GetACP

user32

GetClassNameA
ReleaseDC
GetDlgItem
ShowWindow
BeginPaint
IsIconic
EndPaint
ValidateRgn
wsprintfA
GetCursorPos
GetWindow
SetActiveWindow
DrawTextA
GetWindowTextA
GetFocus
SetForegroundWindow
GetParent
FillRect
FrameRect

crypt32

CertFindAttribute
CertCloseStore
CertDuplicateStore
CertControlStore
CertCreateContext

apphelp

ApphelpCheckIME

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ