8e2b44d7f01a90e103fc915f88bc6e63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e2b44d7f01a90e103fc915f88bc6e63_JaffaCakes118
Size

41KB
MD5

8e2b44d7f01a90e103fc915f88bc6e63
SHA1

d52fa6138cf2cb56a6c2ff17728642187a2cf81e
SHA256

ea0f25877a2e0d64bbc4131fe88cfd6813605c6089a59ab302115c55eda6dee3
SHA512

f1a279345c1175a06df8250fdfee37a53056f4996dff06428eb1172ca0ab551a059fee4f3abe903046448c2b000722c89eb6961a863b55ca3c2c8e19cb2babf7
SSDEEP

768:7lfcgfjKCbRjToCM8hQrkDaP5yvVw1otdlwAGRywIko:5cEOuoCrhQSaP0MMdlIRy3ko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e2b44d7f01a90e103fc915f88bc6e63_JaffaCakes118

Files

8e2b44d7f01a90e103fc915f88bc6e63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88a1959e9746aeebfdccb0e00ee9e2a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
EnumDateFormatsExA
GetProcAddress
FoldStringW
LoadLibraryA
FillConsoleOutputAttribute
GetProfileStringW
lstrcmpW
FormatMessageA
LocalHandle
OpenWaitableTimerA
GetCurrentProcess
VerLanguageNameW
IsProcessorFeaturePresent
DosPathToSessionPathA
GetOEMCP
OpenConsoleW
VirtualProtectEx
OpenFileMappingW
UnregisterWaitEx
SetVDMCurrentDirectories
DosPathToSessionPathW
LocalUnlock
ReadFileEx
LoadLibraryExA
CallNamedPipeW
SetConsoleHardwareState
CreateEventA
QueueUserAPC
FindNextFileW

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE