88ce8f08da2cfe26763c9ff1a10aa0cf_JaffaCakes118 | Triage

Sharing

General

Target

88ce8f08da2cfe26763c9ff1a10aa0cf_JaffaCakes118
Size

201KB
MD5

88ce8f08da2cfe26763c9ff1a10aa0cf
SHA1

a443e7a7dd9212022e3d452571cd4a65ff25cd02
SHA256

35e3f1f3bda3a4206b37aa9234eef10a8cfa380b38efdfce4c54f71078b95d87
SHA512

193e5d43892466915e9cc111048de333825ed952f9f670577d3223f0ab6f187d4c5a17dac49992fb7846cc3323c4326ee2c52753270d91d0f9da882c9dcd6ef2
SSDEEP

3072:eqx+XSF/5cO1DQfFtuwXSzCO8lWrcSCgyz3mm:Tx+CFRHhKXy1YWYSxWW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88ce8f08da2cfe26763c9ff1a10aa0cf_JaffaCakes118

Files

88ce8f08da2cfe26763c9ff1a10aa0cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc53fbc3f34be93d7d07b27800cbf9eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetUserDefaultLangID
MulDiv
lstrlenA
GetWindowsDirectoryA
IsDebuggerPresent
lstrcmpiW
QueryPerformanceCounter
GetProcessHeap
GlobalFindAtomW
GetACP
CopyFileA
GetStartupInfoA
GetConsoleOutputCP
GetCurrentProcess
GetOEMCP
GetThreadLocale
GetCommandLineA
DeleteFileW
GetModuleHandleA
GetCurrentProcessId
SetLastError
GetLastError
GetModuleHandleW
GetVersion
GetCommandLineW
GetCurrentThreadId
DeleteFileA
GlobalFindAtomA
GetCurrentThread
RemoveDirectoryA
GetTickCount
SetCurrentDirectoryA
lstrcmpiA
lstrcmpA
LoadLibraryW
lstrlenW
Sleep
VirtualAlloc

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
GetDC

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ