8b791c89986274e990ee55bd5bff656f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b791c89986274e990ee55bd5bff656f_JaffaCakes118
Size

170KB
MD5

8b791c89986274e990ee55bd5bff656f
SHA1

e74f0385f35d7e725ce3a8844c5dfad5e6a62815
SHA256

3b0aa3770126d2773e7bbdba6f6cfc3e44e6b4bc65fb6aa5dc650f73d7481886
SHA512

a9727df111be44024c57b395070ee75f09fb62afe7b90d20b94a73bed2d4c9c05d47280a7ea728d52d5d040b8acbfa4f739a71d27baa423653b147855e2af78f
SSDEEP

3072:W0oLXAQStQp3kzi6bMSvsIbhzWzAEj0LXUS+Fz50pt8r2XiVg:W0bZBASvHtzWFj0LXURFSEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b791c89986274e990ee55bd5bff656f_JaffaCakes118

Files

8b791c89986274e990ee55bd5bff656f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2632ca8b5c7ba73790bb215379b77730

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Windows Dir\FileExec

Imports

user32

wvsprintfW
LoadIconW
DefWindowProcW
GetSystemMenu
GetKeyboardType
OpenDesktopW
SendMessageTimeoutW
GetDCEx
IsWindowUnicode
FillRect
PeekMessageW
IsChild
ReleaseDC
IsRectEmpty

kernel32

GetCompressedFileSizeW
GetLocaleInfoA
GetComputerNameW
GetProfileStringW
FindFirstFileW
FindFirstFileA
GetWindowsDirectoryA
LocalReAlloc
GlobalReAlloc

Exports

Exports

_PeekMessagePeekMessageA@0

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 955B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ