8da9078e722e7fc7ea1148ec22f475cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8da9078e722e7fc7ea1148ec22f475cb_JaffaCakes118
Size

44KB
MD5

8da9078e722e7fc7ea1148ec22f475cb
SHA1

3906b45eed6cbb38a096aad87951ac8d7d1b6c3d
SHA256

1d202555a50e6ebc5048f8cfbd7f7e73e7fa1974f21922b89d9c3fd76933a730
SHA512

b20e34cfc7ecc722bfb06479b48a9db1d619bef4447628e36f40437d89a7201243afe7de66c18d432e9e5e0a3a97895380e44f4fbebab6fb64491442bb3f5bb7
SSDEEP

768:BgfHVRbuQWjtsnVKGIyOmATd5R8NZta9X2r8XB8YLqgp4+folDnY:2IQunGnYdzmO9X2MuYLNp1fi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8da9078e722e7fc7ea1148ec22f475cb_JaffaCakes118

Files

8da9078e722e7fc7ea1148ec22f475cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2314b7be2a816a90b4d880d399abe0da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryA
SetCurrentDirectoryW
EraseTape
VirtualProtectEx
GetProfileStringW
GetCurrentProcess
GetProfileIntA
FillConsoleOutputCharacterA
GetDiskFreeSpaceExA
TlsAlloc
CopyFileA
SetConsoleWindowInfo
FindAtomA
GetProcessVersion
GetProcAddress
CancelTimerQueueTimer
EnumResourceNamesA
FindFirstVolumeMountPointW
lstrcpyW
SwitchToThread
lstrcmpi
MoveFileWithProgressW
SetConsoleCursor
GetVolumeInformationW
GetCurrencyFormatA
SetVolumeMountPointW
lstrlenA

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE