8ceac428f1d7cc28df1c488c54df9aa9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ceac428f1d7cc28df1c488c54df9aa9_JaffaCakes118
Size

509KB
MD5

8ceac428f1d7cc28df1c488c54df9aa9
SHA1

2debb6690cee869569f8666be46986b237a729f1
SHA256

6cb8cb6b0459ecae2f4e0ca73de24263652341ff31eee11030efe53180f2a7e3
SHA512

8a70ab323465104a80f7a9f02fb51ea7919764922ef7bfebfc4395393fa3eb40a380a4563b73f31d43643472a77db9b941678c0206a6a30ed43f3c07e1c6d359
SSDEEP

12288:93d9XMKFYr9oywa9/Wg+aneWpo54Qodfa7aLF5rSfi2Voja:RdOq3yBpWaLG8fa7aRUuW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ceac428f1d7cc28df1c488c54df9aa9_JaffaCakes118

Files

8ceac428f1d7cc28df1c488c54df9aa9_JaffaCakes118
.exe windows:10 windows x86 arch:x86

90cbe497878002a71ae097352ef4aa9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SleepEx
GetModuleHandleA
GetModuleHandleA
GetCommandLineW
VirtualAllocEx
SetEvent
MultiByteToWideChar
GetModuleHandleA
VirtualFree
SetUnhandledExceptionFilter
MultiByteToWideChar

gdi32

LineTo
PatBlt
GetStockObject
GetObjectW
GetTextMetricsW
DeleteDC
DeleteObject
LineTo
DeleteObject
SelectObject
BitBlt
CreateCompatibleDC

user32

GetMessageW
SetMenuDefaultItem
RegisterClassW
EndDialog
FindWindowW
ReleaseDC
ReleaseDC
DestroyWindow

shell32

SHGetDesktopFolder
DragQueryFileW
ExtractIconW
SHGetFolderPathW
ShellExecuteExW
SHGetSpecialFolderPathW
SHChangeNotify
SHGetMalloc

advapi32

RegEnumValueW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 565KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ