8c353ee13fe7888078b4f1f2fa816c3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c353ee13fe7888078b4f1f2fa816c3b_JaffaCakes118
Size

215KB
MD5

8c353ee13fe7888078b4f1f2fa816c3b
SHA1

420cadc46a7862f124e2330e57fd48df960778e2
SHA256

af1172d09cd580092695e03cd59e654ed0df77ccd92f6f4149bf37e19cd5ba8d
SHA512

84805e7f1a1044c50bb1671d2d4db0457f516d437c623022d2648741859572bd50d0ffb12ddbe3021d9aec3c01226d8e0f08ed2fe098e6bbd043cd600edffc9d
SSDEEP

6144:lbvienA4TRsqSqhlpGeP8TTsYAACAirh942q7s:BM6RVbGeEnsh9N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c353ee13fe7888078b4f1f2fa816c3b_JaffaCakes118

Files

8c353ee13fe7888078b4f1f2fa816c3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a575cffb2d816a423d4376345030862b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursor
SetTimer
SetScrollRange
GetMenu
SetScrollPos

kernel32

VirtualAllocEx
GetModuleHandleW
ExitProcess
GetCurrentThread
GetCommandLineW
LoadLibraryA
lstrlenW

Exports

Exports

bYwhdA@16
Rk_vQRFtE
tpAQ5C9sGoOq
28m2fsMFd7_I@12
_IrvnFKGiS
_HpmNDQHJIj@20
g5Kcac@20
_gbl8fjl@12
baZof@4

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text