8bf944b23b8d72281739b3aaf5033db2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bf944b23b8d72281739b3aaf5033db2_JaffaCakes118
Size

289KB
MD5

8bf944b23b8d72281739b3aaf5033db2
SHA1

03eeca18c3195d3f51be61926bf33d698f444486
SHA256

9168c6122b7466aa0d4acbca5e94d50cad74666f00672c59d1ee57a69d1bf59a
SHA512

3fecb4d8a63750c6400723bdb4f95857109d2be57175e0ee1a78cd675d36c8714d0850f8415c3ed90f740d1684fc8b7e43beaa99a6a5e4fa94829631c0342f57
SSDEEP

3072:lUDU4OKlf8Urj7emO/KiLyrG2erwr60laXNCXqeC/qU7Jg/Be6VGmJrPTmiu0y:y3OTc3qRyytErRTqeCC3cO1P4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bf944b23b8d72281739b3aaf5033db2_JaffaCakes118

Files

8bf944b23b8d72281739b3aaf5033db2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2e9abd01f9c197e11ed993a65b122e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrlenW
GetACP
lstrcmpiW
lstrcmpA
DeleteFileW
GetModuleHandleW
GetProcessHeap
GetConsoleOutputCP
IsDebuggerPresent
GlobalFindAtomW
CopyFileA
DeleteFileA
GetTickCount
GlobalFindAtomA
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetCommandLineW
VirtualAlloc

gdi32

LineTo
GetDCOrgEx
SetTextColor
SetMapMode
MoveToEx
BeginPath
UnrealizeObject
EndPath
GetPixel
RestoreDC
EndDoc
GetDIBColorTable
SelectPalette
GetTextMetricsA
GetPaletteEntries
SetViewportOrgEx
SetBkColor
OffsetViewportOrgEx
GetDeviceCaps

user32

CharNextA
GetDesktopWindow
GetMessagePos
GetInputState

comctl32

InitCommonControls

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE