8b2ee239bd8ceda7cdb6f82d2bab1a3f_JaffaCakes118 | Triage

Sharing

General

Target

8b2ee239bd8ceda7cdb6f82d2bab1a3f_JaffaCakes118
Size

45KB
MD5

8b2ee239bd8ceda7cdb6f82d2bab1a3f
SHA1

55bfa47c46071e290146ef95842b7a2758c59947
SHA256

b8822db4c71c844e435260d606e71423a653c6fe9eba3ba7021bbd855fdc7b16
SHA512

016cb29be72d12feed8245b2b13b8d8e8cb687f6e2b419e7668e98e8fb266b0609e52822f512955aed1fb5af1bfcbbecdaed707cb54f643dc99929f23d76d538
SSDEEP

768:utDqJ4uCEMBegwCYrIemIZEeLPkOABMn+ayzw6xlq5:uVI4f3VwCQI+ZEy8OABMntyzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2ee239bd8ceda7cdb6f82d2bab1a3f_JaffaCakes118

Files

8b2ee239bd8ceda7cdb6f82d2bab1a3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

096527ded379b804e515b456e5dc2eac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
lstrcpyA
GetCurrentProcessId
GetCommandLineA
GetConsoleCP
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTickCount
AreFileApisANSI
GetProcAddress
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
GetProcessHeap
GetCurrentProcess
GetEnvironmentStrings
LoadLibraryA
GetModuleHandleA
GetCurrentThread
GetStartupInfoA
GetLastError
IsBadWritePtr
IsBadCodePtr
IsBadStringPtrA
GetLogicalDrives
GetVersionExA
GetSystemTime
GetCurrentThreadId
GetComputerNameA
GetConsoleOutputCP
GetDiskFreeSpaceExA
GetSystemInfo
GetVolumeInformationA
ExitThread
GetConsoleTitleA

user32

GetSysColor
GetDoubleClickTime
IsWindow
GetFocus
GetDesktopWindow
GetKeyboardType
GetForegroundWindow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ