8b2ba1518a127ea703527f88cc3f01b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b2ba1518a127ea703527f88cc3f01b1_JaffaCakes118
Size

723KB
MD5

8b2ba1518a127ea703527f88cc3f01b1
SHA1

04122d5705b2738f61e91c69f1eaad532a126f87
SHA256

d188e72ae573fb31a3baa1310ec5028b156ee206c5390c9abea62a594e9c257f
SHA512

397aa16d46512f8a5c8ee34e3ce35ddc100d699dca6bc519892a633f0900e59d01941531faa4cd00d2fe5984a4eff009b513495e78c3cf1d40eebfe04e7b2f2b
SSDEEP

12288:lDEVmwZeHIGGNaUHnKdMa3JLi779XzZt58eKpieycV74SxV9Xwd:lDEVvKLi7Lv8eKDV7RV9Xm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2ba1518a127ea703527f88cc3f01b1_JaffaCakes118

Files

8b2ba1518a127ea703527f88cc3f01b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f40fed728813d91b777d68af158ffeca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CreateFileA
WriteConsoleW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
RtlUnwind
LoadLibraryA
InterlockedExchange
LCMapStringW
LCMapStringA
WriteFile
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount

msvcrt

_iob
_initterm
pow
fprintf
?terminate@@YAXXZ
free
exp
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ