8bb0be907c643f972e9997f7a9c2f96c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bb0be907c643f972e9997f7a9c2f96c_JaffaCakes118
Size

262KB
MD5

8bb0be907c643f972e9997f7a9c2f96c
SHA1

00c76d6148ae0557c330e5dc39c33edc24a37fad
SHA256

8de67392112afa4aec6900a1fee625fc7f1fd5c94d230b9949e2e255a96cec71
SHA512

0d1275f2591277af52cf5416256f25c9b1e1ede2e8187c48d4b3301a1a701a2a2adbafd93bdf8a253294ff441def1b6b191f4fddcda32e5ba7313eb19c8e23a0
SSDEEP

3072:EyCef63iV+i8r/SR+5G1efzej3CUN5tV19irgcEBZXnGtzxXleSUQGzZhHbH5k:6efrVe/SY5cegVtVrV3XGt1l3GzHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bb0be907c643f972e9997f7a9c2f96c_JaffaCakes118

Files

8bb0be907c643f972e9997f7a9c2f96c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

037956c354d34de644ab31b0ef2ced4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetFullPathNameA
GetFullPathNameW
EnumDateFormatsExA
IsDBCSLeadByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
InterlockedExchange
GetDiskFreeSpaceExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateSemaphoreA
ReleaseSemaphore
ExitThread
WritePrivateProfileStringA
GetPrivateProfileStringA
FileTimeToLocalFileTime
lstrcmpA
lstrcmpW
GlobalFree
GlobalUnlock
GlobalAlloc
GetACP
GetTempFileNameA

oleaut32

SafeArrayDestroyDescriptor
SafeArrayCreateEx
QueryPathOfRegTypeLib
SafeArrayGetRecordInfo
SafeArraySetIID
SetErrorInfo
SysAllocString
SysAllocStringLen

msvfw32

ICInfo

Sections

.text
Size: 165KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ