8bf4e08c3c51fb7f2fc7b840218cdb6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bf4e08c3c51fb7f2fc7b840218cdb6f_JaffaCakes118
Size

182KB
MD5

8bf4e08c3c51fb7f2fc7b840218cdb6f
SHA1

467e9024baf613c504707074b262786fd623abed
SHA256

46f615ed1c67510f3e0b51bdd3d2bdd7731ed928390fa96803c306bee2fec1a7
SHA512

e478dae303b859396e305e11581e2045bc52209d8abe81cf56322725af6396691a681bdeedc3031f00c7c082bc97064d6ec79670c9e380b0c08f8693e7d5b513
SSDEEP

3072:DNBa/wP//jQ63yYSlzYhhjt46dM34GUTWul+mRTBETGyJwg0vaRHMtqv1DbmOaNC:DNB1/06iYIYhhjt46zDxl5hBET1CXvXw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bf4e08c3c51fb7f2fc7b840218cdb6f_JaffaCakes118

Files

8bf4e08c3c51fb7f2fc7b840218cdb6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd8aacc0392da31f9bd6c0ce47b6b2db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

user32

MsgWaitForMultipleObjects
DispatchMessageW
PostThreadMessageW
RealGetWindowClass
TranslateMessage
PeekMessageW

iphlpapi

NotifyRouteChange

shlwapi

wnsprintfW

advapi32

EncryptFileW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
DecryptFileW

kernel32

CreateFiberEx
FileTimeToSystemTime
TerminateJobObject
GetTempPathW
EnumResourceNamesW
FlushFileBuffers
LocalAlloc
SetEvent
RaiseException

ole32

CoRegisterClassObject
CoUninitialize
CoRevokeClassObject
CreateClassMoniker
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromString
GetRunningObjectTable
StringFromGUID2
CoReleaseServerProcess
CoCreateInstance
CoResumeClassObjects
CoAddRefServerProcess
CoTaskMemFree
CoRegisterMessageFilter
CoInitialize
CoTaskMemAlloc

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ