8aadad42a4b05e3e30ef540b0b7dce6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8aadad42a4b05e3e30ef540b0b7dce6b_JaffaCakes118
Size

25KB
MD5

8aadad42a4b05e3e30ef540b0b7dce6b
SHA1

640e2d74e2a721cc8dae6b8c3273c1ed12f7fc00
SHA256

13d57566635fee826e4a94b14af43de9cc27ffdba4d7bc89b525f16256ed566e
SHA512

717684a5092fefa5797a55b0148f41d560f3a98df643726ba9330e16bfa202df92a1d00f9d64fc1f88d3f0e4629e36cdf12e5f444922dde6ff9c2d4a84365471
SSDEEP

384:82G36M2T9K9imdfoqxVKJ96V2e2F8yDBuGwvAPbxCD5VGULa2vLU:82G3pBxezehyDBBwvAPM9bO8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aadad42a4b05e3e30ef540b0b7dce6b_JaffaCakes118

Files

8aadad42a4b05e3e30ef540b0b7dce6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a798e742f6aeb81c3c5fef38809c17c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
GetComPlusPackageInstallStatus
FindFirstVolumeA
VirtualFreeEx
SetThreadPriorityBoost
CopyFileExW
NlsResetProcessLocale
InterlockedCompareExchange
EnumCalendarInfoExW
GetCurrentThreadId
ReadFileEx
FindActCtxSectionGuid
OpenDataFile
FindNextVolumeMountPointA

user32

CreateWindowStationA
RegisterServicesProcess
SetDoubleClickTime
MessageBoxExW
GetClassInfoExA
GetWindowTextA
GetWindowModuleFileNameA
SetClipboardData
CharLowerBuffW
CheckMenuRadioItem
SendMessageW
SetLayeredWindowAttributes
BroadcastSystemMessageW
SetWindowsHookA

Sections

.text
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ