8ce89b09574f3e8580d1be30fc6d8e23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ce89b09574f3e8580d1be30fc6d8e23_JaffaCakes118
Size

182KB
MD5

8ce89b09574f3e8580d1be30fc6d8e23
SHA1

91b8a46bcd8cd2f05fa7d5dda41fa6cdce593750
SHA256

5dda09e94842bf87e0df1eadac60919dfa7461071282344b45ef90c121cfd434
SHA512

237c98c4b2c31880f1dc702600106adc7b10f0bd2eec4a482b12f73183af91b08acef968b565b98e3d53a685694d0a5fcf5111eff4ccbd71e91d67161773444b
SSDEEP

3072:kJUS2TE8/69NCV+nFNOLHzcLnf1EXwIQOuKE/Z6q0gzxgPkhRo1FwZFh:eUS2TEVfnbOLTcz9c/unZd0SBhsFwP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ce89b09574f3e8580d1be30fc6d8e23_JaffaCakes118

Files

8ce89b09574f3e8580d1be30fc6d8e23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f33b2608fa7dc1c0f5f01975f2a90a3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVDMCurrentDirectories
LocalFileTimeToFileTime
FindFirstFileW
LoadResource
GetStringTypeW
FindNextFileW
FreeLibrary
SetErrorMode
SetThreadPriorityBoost
SystemTimeToFileTime
GetShortPathNameW
EnumResourceNamesW
SetCurrentDirectoryW
CompareStringA
GetLocalTime
FindClose
FindResourceW
RegisterWaitForSingleObject
FileTimeToLocalFileTime
SetEnvironmentVariableW
FileTimeToSystemTime
HeapCreate
SearchPathW

user32

ValidateRgn
ValidateRect
SetCapture
ReleaseCapture
InvalidateRgn
GetCapture
ExcludeUpdateRgn
GetWindowInfo
GetUpdateRgn

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ