8c8a39bc498a5a4c4a21980e4782c4fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c8a39bc498a5a4c4a21980e4782c4fe_JaffaCakes118
Size

354KB
MD5

8c8a39bc498a5a4c4a21980e4782c4fe
SHA1

51c39817e145f3d2f154ad94ebced4165d54cdbf
SHA256

5310d995d0fd0851eac57e7b3b6d81d6201cb1e1b453393dd3fdd0403bc273b4
SHA512

299866b396c247f2e7e0d018ee3c38ec61e95e6e16b59b81c534bacee961b8b4f5dc1e7a6b941b5e37726d202e46c80eb6f6e1907a0294c9c62b3c59afe288ef
SSDEEP

6144:F6h38fyPHAGl7fomtUvi1umIUIdrJ/B3Xnj61l2PiD:EO6oGqOMBJnJJDHiD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c8a39bc498a5a4c4a21980e4782c4fe_JaffaCakes118

Files

8c8a39bc498a5a4c4a21980e4782c4fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

193ddcac0a7502c98e27a0c863ea47ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetFileAttributesW
GetTempPathW
GetTempPathA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
GetModuleHandleA
UnlockFile

oleaut32

SafeArrayDestroyDescriptor
SafeArrayDestroyDescriptor
VarFormatNumber
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 233KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE