8be6a11493c94cd7df46d3aa729d02c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8be6a11493c94cd7df46d3aa729d02c4_JaffaCakes118
Size

118KB
MD5

8be6a11493c94cd7df46d3aa729d02c4
SHA1

7c6112878fd6fd68847f899d145e37eca7213cb8
SHA256

5d4a24ba4a74b456b02bc98f25f242621a5fdd5d4cdd0d37564b8f8005a79cc4
SHA512

3a7f1782bfcd8ac03f0c53a48b7982dba7079a2d311c882eba7fc18c1886453d7bc430c26079219edd927e0cbb8f9f429fc4c34d29a9a54bce06a101f1a97fa2
SSDEEP

3072:SMm6dUAOtYvZGLzAmUlwBxskCUhj9xCYPlh8I/hRf7n:wAOtOGLzA9oszSbhRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8be6a11493c94cd7df46d3aa729d02c4_JaffaCakes118

Files

8be6a11493c94cd7df46d3aa729d02c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18a6a802ecf8c468211065e8d7e3d71f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetOEMCP
lstrlenA
GetProcessHeap
LoadLibraryA
GetModuleFileNameA
ExitProcess
GetModuleHandleA

user32

GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetMenu
LoadIconA

gdi32

GetBitmapBits
GetObjectA
GetBkColor
CreateCompatibleBitmap
GetPixel
CreateDIBitmap
CreatePalette
SetTextColor
CopyEnhMetaFileA

shlwapi

SHDeleteKeyA
PathFileExistsA
SHSetValueA
SHQueryInfoKeyA

Exports

Exports

_HRKUL
1wFIS70D@24
_EDbMHwZG6Jd
_ExACTYX9jn6@8
EiFLCnMS88
_LO3qmfZ
KNnBNr@12
_NLi_y4
0iiWB1F@4
_PpbV6eO5Fd@20
_vpHFPkbFxl2rI0
_O54vL38QQwC
_2BAxksHrKslG
5Nc6pBFd@8
_T3EAfgNNAR@16
_fb8X0@8
_o6M17PE8PmZw@24
_o_LKITgfu0sj5@16

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ