8ace0d8e3c347646885074658aa9b3c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ace0d8e3c347646885074658aa9b3c6_JaffaCakes118
Size

358KB
MD5

8ace0d8e3c347646885074658aa9b3c6
SHA1

254537126b8a55226336e5f6463fc3fb9a82b60d
SHA256

91c5119105746494a1c1e88f9f6c44793535ffa196383339dadeaf45d56861b3
SHA512

e5ebabc3b2a9b2069beca35945cdb39fc5c1fcbb860c340840a160410aad61c6c05c5d2974ac2b1b70b04467e8de394f8edc189d6982460da128500dc4d5afc8
SSDEEP

6144:FW4smvkh2wB+61LBOGeSsQteetllEF7Cs1RHi4jOW2COGXclc8penaeG:g4smvkhLTLB3vsWPvEF7j12GMQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ace0d8e3c347646885074658aa9b3c6_JaffaCakes118

Files

8ace0d8e3c347646885074658aa9b3c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d34258b947c859af62690bf804ff7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CloseHandle
Sleep
GetDiskFreeSpaceA
ExitProcess
GetModuleHandleA
lstrlenA
CreateThread
AddAtomA
SetEvent
VirtualProtect
ReleaseMutex
FindResourceExA
DeleteCriticalSection
GetLastError
SearchPathA
GetConsoleFontSize
GetTickCount
TlsGetValue
FindVolumeClose

user32

GetKeyState
CreateMenu
EndDialog
CopyImage
GetMessageA
DialogBoxParamA
DispatchMessageA
CreateWindowExA
EnableWindow
GetScrollBarInfo
DragDetect
CloseWindow
IsIconic
CopyIcon

wshbth

WSHIoctl
WSHOpenSocket2
WSHJoinLeaf
WSHNotify
NSPStartup

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ