8ab8a870b5ed52709e1cec520d4c11f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ab8a870b5ed52709e1cec520d4c11f1_JaffaCakes118
Size

338KB
MD5

8ab8a870b5ed52709e1cec520d4c11f1
SHA1

1e1b294c41255eb29e427d004c5c01e43999f5f2
SHA256

4c9bd83a6ab17b513681a9a8f7d007b9d24ebd51da1786eba06c60b885a5fcde
SHA512

7ae7737e3d80cc7a04278d466500ae56d985fb0a98e32b11146ff399f17679f8cbe2836b2c8459998d1bf5ba4e4d0a156fed8ab5866ac828529580a98a7cf441
SSDEEP

6144:f0/+/QwqPP1kvtOj65GzjwneVvsHpfXylQ/wjBrGwZcHMl8/3bgw:fk8NqPP1s36wngv0fXyl3hZZcHlUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab8a870b5ed52709e1cec520d4c11f1_JaffaCakes118

Files

8ab8a870b5ed52709e1cec520d4c11f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e9f1c05a270c6ac545d645184396089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
FreeEnvironmentStringsA
OpenMutexA
ResumeThread
VirtualProtectEx
LocalFree
GetACP
IsBadStringPtrA
FindClose
GetModuleHandleA
GetSystemTime
lstrlenA
LoadLibraryExA
CreateEventA
GetStdHandle
GlobalUnlock
GlobalLock
IsBadReadPtr
CloseHandle
GetLastError

user32

GetMessageA
GetSubMenu
IsMenu
GetMessageA
SetFocus
DialogBoxParamA
CreateWindowExA
GetComboBoxInfo
CheckMenuItem
ClipCursor
GetDlgItemTextA
IsIconic
EndDialog
MessageBoxA

msasn1

ASN1BERDecCheck
ASN1BEREncOpenType
ASN1BEREncNull
ASN1DecAlloc
ASN1BERDecBool

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ