8c8a5a79de3fd674ec682b0e9c1dc3b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c8a5a79de3fd674ec682b0e9c1dc3b1_JaffaCakes118
Size

85KB
MD5

8c8a5a79de3fd674ec682b0e9c1dc3b1
SHA1

839fd9fef339ca13898e423aeda13ec925dbbc4f
SHA256

4f72113cacbc96bdefa2da321c4a1ed5f1e976030c6612ff4e8bbfe3aab331bd
SHA512

03d52610c3a0c11ae0ba9bee91ec6cab0f56aa9ca38cb983638bbb9135bfcfa4ec1da7ff697d2f7655c0eb6757e9bfcda85c492e95b5d393ff870fb28091805b
SSDEEP

1536:+rUPGZ/jcSYjVYoJHjqBUGeGy1m6ZLPdysL/6tVYpufsLOGrE:+rUm/jJY5JDiFel3VFyUCjXfsE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c8a5a79de3fd674ec682b0e9c1dc3b1_JaffaCakes118

Files

8c8a5a79de3fd674ec682b0e9c1dc3b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d47fcbf0a81d630b936ede29f913e362

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ExitProcess
CloseHandle
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameA
GetModuleHandleA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
GetProcAddress
LoadLibraryA

user32

PostQuitMessage
GetKeyNameTextA
LoadCursorA
DefWindowProcA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ