8db8fe105a9c9fe1df7003a515997e70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8db8fe105a9c9fe1df7003a515997e70_JaffaCakes118
Size

58KB
MD5

8db8fe105a9c9fe1df7003a515997e70
SHA1

6470984e3bf4be7616b94a89e5ac5f09baed14b9
SHA256

3962a5b2af9d729a260afe3b3d739635150793ec234a237cd1ac72309cd8a066
SHA512

06c2be0b538d4e193a2ffd671de0c89f65321e2538e30acbce2daf201327259eaf0f6cdaf6f01c7045f1b79d187114f38f532956addf1c4af46908c0503156c3
SSDEEP

1536:nZh+ksn7h54jJj2S12dLh7TU6sQEqZjvTMnrd:n/+dnk9j242dJzXhZjvwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8db8fe105a9c9fe1df7003a515997e70_JaffaCakes118

Files

8db8fe105a9c9fe1df7003a515997e70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13d7560eb27c7d7a6fd3e356710688bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

pdb.pdb

Imports

kernel32

OpenProcess
GetCurrentProcessId
lstrcmpA
MulDiv
LocalFree
Sleep
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
TerminateThread
WaitForSingleObject
CreateThread
CloseHandle
GetLocaleInfoA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
EnumCalendarInfoExA
GetCommProperties

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ