8e4e0f5364ba82774888501f52618249_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e4e0f5364ba82774888501f52618249_JaffaCakes118
Size

379KB
MD5

8e4e0f5364ba82774888501f52618249
SHA1

d521ccb894e06d6f2648871b7aea79ca282d86b9
SHA256

7c8f8b450ecdb0fb76b20973dabf0486d1f2fa39d0c11c178b34cae9050a9ea0
SHA512

0642e963308e8484c23d6b79ab7c6922edcc3fe33ac61342984089c9c47d21536de3bcbd1a4cd3b91e422a7ef42592faf0c8951f77f392c4a43bca5808add8ce
SSDEEP

6144:biegj4tazAIQYvGS5L1VgEhL7i8VT0f5rGcgQqXv58fV35wyiP:btgUQFQYuMLjL7icTGGJXR8UyQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e4e0f5364ba82774888501f52618249_JaffaCakes118

Files

8e4e0f5364ba82774888501f52618249_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2861f923d25d911f31ad33b1b3a42fdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
DisconnectNamedPipe
SetLastError
FindClose
GlobalLock
CreateProcessW
lstrcatW
HeapAlloc
GetTimeZoneInformation
WriteFile
SetFileTime
CopyFileW
SetFileAttributesW
FlushFileBuffers
MoveFileExW
GetModuleHandleA
MultiByteToWideChar
CreateThread
FindFirstFileW
lstrcpynW
UnmapViewOfFile
GetSystemTime
GetTempPathW
GetSystemTimeAsFileTime
HeapFree
ExpandEnvironmentStringsW
SetEvent
GetModuleFileNameA
GetCurrentThread
CreateFileMappingW

user32

GetWindowTextW

Sections

.ydol
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qrstsl
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcpav
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ