8d6d1f521878415aa4448c926092388d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d6d1f521878415aa4448c926092388d_JaffaCakes118
Size

175KB
MD5

8d6d1f521878415aa4448c926092388d
SHA1

ef00d13fc307cedd6724082a5487070ab8b7d3dc
SHA256

c04f474bd69eba6bab90c9f850f6d4c7bd712d2adc6ea78fb556a1692fdbdc57
SHA512

335cd33e05fac8de2f547d343e8c8ef604114ab86edd2dcfe6fb05dc18c1b3580099d3d9718668c62472eb377071a64ca47b92faf4cd93e9c3a2ee75480cc647
SSDEEP

3072:nt8IdFSKSh6JbI27C1ubcw4BPnJC3jqXjR6rxLybnct8bOO9JR:nvFSublC1ubcPBBCzLyAyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d6d1f521878415aa4448c926092388d_JaffaCakes118

Files

8d6d1f521878415aa4448c926092388d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21de737500e18a84e6ad68b836a2009d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

user32

GetUpdateRgn
CreateWindowExW
GetDC
RegisterClassExW
GetWindowInfo
MessageBoxW
LoadCursorW
EndDialog

kernel32

OutputDebugStringW
PrivMoveFileIdentityW
CreateMutexA
MoveFileW
GetProcAddress
CreateFileMappingA
CreateFileW
CreateEventA
SystemTimeToFileTime
DuplicateHandle
LoadLibraryW
GetFileAttributesW
GetProcessId
LoadLibraryExW
GetUserDefaultUILanguage
OpenProcess
VirtualAlloc
GetStdHandle
UnmapViewOfFile
EnumResourceTypesA
GetFileAttributesA
ProcessIdToSessionId
SetEvent
MapViewOfFile
ExitProcess
lstrcpynW
GetSystemTime
CloseHandle
AddAtomW
VirtualFree
GetModuleFileNameW
DeleteAtom
CreateDirectoryW
WaitForSingleObject
WriteFile
LoadLibraryA
ReleaseMutex
FindAtomW

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ