8d8af863a4de37b7da115f8688ab165e_JaffaCakes118 | Triage

Sharing

General

Target

8d8af863a4de37b7da115f8688ab165e_JaffaCakes118
Size

105KB
MD5

8d8af863a4de37b7da115f8688ab165e
SHA1

bd01c7d8754e95e252abf00f3c576aeda4a84ee5
SHA256

082303d4cd39abb8efdc52203bf253fb6f8aeb75d8d8eb34bd228c8964daecad
SHA512

9421fb9e0d2535645540bd85cfbde37f6758226c3f0a880ef1f5969d91de8764a5faaf69f3e28432521438436ec809aa26b3b90f6b764be461dd5409ba09f53c
SSDEEP

768:T5YXLn2q8f+Rd4BDMVAaAF8tXID8wx8z+xSSJqM+fHfB68c8giIUq0YM7X:T5Y70NhFSYfsUnof/s8X3q0d7X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d8af863a4de37b7da115f8688ab165e_JaffaCakes118

Files

8d8af863a4de37b7da115f8688ab165e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff967ae5056af53c7e0fb22ea72e255e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
Sleep
ReleaseMutex
TlsGetValue
DeleteCriticalSection
FindClose
GetModuleHandleA
ExitProcess
SetEvent
VirtualProtect
CloseHandle
SearchPathA
GetDiskFreeSpaceA
lstrlenA
CreateThread
FindResourceExA
FindAtomA
GetTickCount
GetCalendarInfoA
GetLastError

user32

CopyImage
CreateWindowExA
DispatchMessageA
GetMessageA
EnableWindow
GetUpdateRect
GetKeyState
DragDetect
GetScrollBarInfo
EndDialog
IsIconic
DialogBoxParamA
CreateMenu
CloseWindow

msdmo

DMOGetName
DMORegister
DMOGetTypes
DMOUnregister
DMOEnum

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ