8922b78983c54904c0e3a22c8b802d71_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8922b78983c54904c0e3a22c8b802d71_JaffaCakes118
Size

209KB
MD5

8922b78983c54904c0e3a22c8b802d71
SHA1

6dd35d0cd5a41b196387c8657a7d4e02281615f2
SHA256

574b259bde9451409ae3e474a586a6e3379cab7a1ba4bd4783349c6db1080ce9
SHA512

3b60eb43356a94c23fd15b547e519a02da23cbcf108497ea49168a558fb18c885dd4a780db57451b8a4f81b42baafa7c45e1c0cb51c27dda6c2523eb5fdde94c
SSDEEP

3072:H+CjXc+kcMQZXOzauXDOwtZuQ67loM5oeBwJunkcCBqacHP:H+Ic+NWzfOwtZuN7KM5tNdN1P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8922b78983c54904c0e3a22c8b802d71_JaffaCakes118

Files

8922b78983c54904c0e3a22c8b802d71_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d40f731f7ec88be767dd2ce0a1ffdeea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
DeleteFiber
VirtualAlloc
CancelTimerQueueTimer
CompareStringW
UpdateResourceA
SizeofResource
LoadLibraryA
GetProcAddress

user32

IsCharLowerA
SetPropA

gdi32

BitBlt

advapi32

ChangeServiceConfig2A
StartServiceW
GetServiceDisplayNameA

Exports

Exports

cvltjcdx
fmxynmswebcne
vixtshmyui

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ