8acafcf137406cb617540f1acd88eb5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8acafcf137406cb617540f1acd88eb5c_JaffaCakes118
Size

129KB
MD5

8acafcf137406cb617540f1acd88eb5c
SHA1

4260583cf329ccc5c77f45863cf6819b4abcd67a
SHA256

4c190976f5d3e666cbc012d9e50b986f58b76df97a2eaa4bf344a69771418604
SHA512

14af8222fd46232a481bf087ad7aa6f1798b2fc53e355fdbbaea9b580a63a218792ca2b5d1358d83199de646952a6280e2c4bc3774d4dc0ea5f12b894646806d
SSDEEP

3072:Pzx62D1VKOt1BIO+Y9lZSsixM6AAiRqWJIwG:0aVTLOsW5AAiRqWJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8acafcf137406cb617540f1acd88eb5c_JaffaCakes118

Files

8acafcf137406cb617540f1acd88eb5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc199519da63dde4169ad2b37514d54e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
CloseHandle
lstrlenA
GetLocalTime
GetTickCount
WriteFile
SizeofResource
CreateFileA
LoadResource
FindResourceA
GetModuleHandleA
MoveFileA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
CreateThread
WinExec
ExitProcess
GetFileAttributesA
GetWindowsDirectoryA
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
GetProcAddress
FreeLibrary

msvcrt

_onexit
__dllonexit
exit
??2@YAPAXI@Z
_strrev

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 32B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ