8da9b31e38bbe1a65b2b14cf89263816_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8da9b31e38bbe1a65b2b14cf89263816_JaffaCakes118
Size

338KB
MD5

8da9b31e38bbe1a65b2b14cf89263816
SHA1

e9d184c0d45254ec5dd6c80cd28c4a91f9fd5158
SHA256

4b0b3bd87e40bbf8a4a18523ef29893777c65d174f3dde12100379231b0c966d
SHA512

2d09b7668abdf0bb051941137a991dc6eea8959ee2cfb29cd4cb8c19621ed8a20e0e12394cfcb5abef25bb216b43b553adef4ccaf19164de85883e12f601137d
SSDEEP

6144:PdLAAAiiQ79E0dJmSVTKQ9+F0ttshNIT3n1pV4aSrxb8UKxPVlByUD:1LAAAip5vnJVKQMF0tGHIT3n1p6a4hKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8da9b31e38bbe1a65b2b14cf89263816_JaffaCakes118

Files

8da9b31e38bbe1a65b2b14cf89263816_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22fac87e9436477869914e9ab9de74c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CreateIoCompletionPort
VirtualProtect
GetACP
GetStdHandle
GetEnvironmentStringsA
GetProcessVersion
HeapQueryInformation
IsDebuggerPresent
GetProcessHeap
GetCurrentThread
GetCurrentProcessId
GetTapeStatus
InterlockedExchange
GetTimeFormatA
GetLogicalDrives
LoadLibraryExA
GetModuleHandleA
WaitForSingleObject
GlobalMemoryStatus
HeapCreate

user32

GetTitleBarInfo
SetForegroundWindow
DrawTextA
BeginPaint
GetWindow
ShowWindow
FrameRect
GetClassNameA
EndPaint
SetActiveWindow
GetParent
GetDlgItem
GetWindowTextLengthA
ReleaseDC
FillRect
DragDetect
GetFocus
GetCursorPos
wsprintfA

advapi32

RegCreateKeyA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ