Static task: static1
Behavioral task: behavioral1
Sample: 8b560fbce5a81262dbf953e877218ca5_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 8b560fbce5a81262dbf953e877218ca5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8b560fbce5a81262dbf953e877218ca5_JaffaCakes118
Size: 95KB
MD5: 8b560fbce5a81262dbf953e877218ca5
SHA1: 99e710fbd3991cd296a4cce8be30bf81b473af8d
SHA256: bbdd0fca2e29b899f3c2d4e590a1646b8e0beac57f79be2d2ee72acf38e18a4b
SHA512: 03ce78df99b1a7aa3117826b3a615f6f8b460a94c1857fa159a3ccbffec6d2bb1745de26f0f82d1291b1f39b058af160cd1da0f1154c5b28d75818f0cecaaaed
SSDEEP: 1536:f1XKHAa8uoh/6atfVddxJLFH4wsmkvXNc0np2RX7zXVKYRhoqCvNmN9F:fhKggAtNrJ4dmQjgtzlKYPoZgN9F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8b560fbce5a81262dbf953e877218ca5_JaffaCakes118
Files
8b560fbce5a81262dbf953e877218ca5_JaffaCakes118.exe windows:4 windows x86 arch:x86
8e357f7d6513b4e72e1d7fc73c8845ef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
user32
RegisterWindowMessageA
GetDC
GetProcessWindowStation
SetScrollInfo
GetDC
RegisterClipboardFormatA
GetAppCompatFlags2
PostMessageW
GetSysColor
CharUpperW
MapVirtualKeyExA
GetSystemMetrics
TranslateMessage
GetSysColor
GetWindowLongW
ReleaseDC
GetAppCompatFlags2
CharUpperA
GetSystemMetrics
GetAppCompatFlags2
GetProcessWindowStation
kernel32
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntW
SetLocalTime
Sections
.text Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 73KB - Virtual size: 400KB
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 16.0MB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_MEM_READ