8d33dda3e178d9e29970dbecadef99d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d33dda3e178d9e29970dbecadef99d2_JaffaCakes118
Size

35KB
MD5

8d33dda3e178d9e29970dbecadef99d2
SHA1

8fb52fb745a33f2f69aba5a688a47ff0a1d7c7dd
SHA256

c188629209a4eca8b5e8a2b4bc0ccfc5c14a05c415e44511c6b3ecf00635a83b
SHA512

ee90c2e4da0a478e8be74dd3a8fc314785c02e55518c96e9b9d3a3f8832c2b32a2a03bd2a531e7bbf5b61005021b0e2adaa6da09441c853595b93437f08bcd4a
SSDEEP

768:ZA+6L8dbb/aq5MrcrfYSL+zLzKJQM7ZhpTVg4wr:S+6L+v75+crfxL+vDMdTVgT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d33dda3e178d9e29970dbecadef99d2_JaffaCakes118

Files

8d33dda3e178d9e29970dbecadef99d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5d4c4f49e83b40ad346737fa4d1c3ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
GetTickCount
HeapDestroy
HeapFree
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
QueryPerformanceCounter
ExitProcess
Sleep
GetModuleFileNameA
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
lstrcmpiA
FreeLibrary
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE