8d303b833a97c4c9885d786b37508a0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d303b833a97c4c9885d786b37508a0e_JaffaCakes118
Size

21KB
MD5

8d303b833a97c4c9885d786b37508a0e
SHA1

ee2511837d8c559acdb9c3ae72e93cfef46eb8e5
SHA256

fc584d340157a23ecd2c0002dec5321776fe8fdd9e9eac0bac505c8da01217eb
SHA512

f561b0e3acebff8db668074eccf08634a0e2ac0afa89b7f64ad5d5a47bc5a4402e6c286655b59808f9b40e5dd1c6119cc475b732195ff451fbd432dda45542c3
SSDEEP

384:dsPXIW8x23Og90X+SRJEDHjfkl5iLEYAOjsKXF7HNX7i3G4fkI1inq1ywv:q4W8x23Og9UxRGDDcl8EYvIK7i3G4cIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d303b833a97c4c9885d786b37508a0e_JaffaCakes118

Files

8d303b833a97c4c9885d786b37508a0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9db1090aed52207515e61e741d604f1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
WaitForSingleObject
SetThreadPriority
CreateThread
TerminateProcess
OpenProcess
CreateEventA
OpenEventA
LockResource
Sleep
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
OutputDebugStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
DeleteFileA
WriteFile
GetModuleFileNameA
LoadLibraryA
ExitProcess
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
GetCurrentProcess
CopyFileA
CloseHandle

user32

GetDC
GetCursor
AnyPopup
GetDesktopWindow
PostMessageA
GetClassNameA
GetWindowTextA
EnumThreadWindows
GetWindow
FindWindowA
SendMessageA
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DrawIcon
DeleteMenu
GetThreadDesktop
wsprintfA
GetDCEx

gdi32

ArcTo
BitBlt
Arc
Chord

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ