8b2b8baed1ee5fb3cd1123dcbb184f6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b2b8baed1ee5fb3cd1123dcbb184f6f_JaffaCakes118
Size

132KB
MD5

8b2b8baed1ee5fb3cd1123dcbb184f6f
SHA1

20b3e438d294d084b5306df0f7d3d5d02ee36d90
SHA256

9e55a706c142f464f1fb1c5063f10104e3e8b8ca952f754ec2e544b9c015366c
SHA512

1590fa07c85a335eb619aac02f6feac0bd8039651e06aa777746f673c57783b58f18102424e9e2f33ab0122c61a2dec4aff87c92f752fe91e11593a6e84f983b
SSDEEP

3072:rcmE7v4k28hhtolRmiL35i5ZvUUpTOU41Bd0uqyW/gkk64:Ama7r/o2iV6ZvUU+1X1WI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2b8baed1ee5fb3cd1123dcbb184f6f_JaffaCakes118

Files

8b2b8baed1ee5fb3cd1123dcbb184f6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ea174483d8b641435f10f5cbb7ae6ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
OpenEventA
DuplicateHandle
ReadConsoleInputA
GetConsoleTitleA
WaitForMultipleObjectsEx
lstrcpyW
LocalFree
GetProcessHeaps
Heap32First
GetStringTypeExW
ReadConsoleInputExA
GetSystemTimeAsFileTime
SetConsoleOS2OemFormat
GetPrivateProfileSectionNamesA
SetMailslotInfo
Heap32First
ExitProcess
GetUserDefaultLCID
SetCurrentDirectoryW
SetEnvironmentVariableW
VerifyVersionInfoW
lstrcmpA
GetConsoleAliasA
FreeLibraryAndExitThread
EnumResourceLanguagesW
GetStartupInfoA
CreateProcessInternalA
GetUserDefaultUILanguage

Sections

.data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ