8e8c44cb06d9b313efa5702ec5384d94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e8c44cb06d9b313efa5702ec5384d94_JaffaCakes118
Size

804KB
MD5

8e8c44cb06d9b313efa5702ec5384d94
SHA1

c0f5d6f6b8d876a5ee7fbdf100e393d43808ba39
SHA256

8c9947da6e1574c256fabb1859de300c78667ed4de5517cbfe0db746064c906f
SHA512

263a3bbd9d63fd9534297581da57a7c03096bb90f4041c3ea5aeb50602abcc08358a4cdc39e7d9cb34602343cbca31ac1bf96992282b7ad5a332674b396c076a
SSDEEP

24576:8TGeVJkqnIk8QRcs5niL6Hmyasd5LpfIFqhOESJNcd9fr/:83b/82z5zR59+qlSJ2R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e8c44cb06d9b313efa5702ec5384d94_JaffaCakes118

Files

8e8c44cb06d9b313efa5702ec5384d94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a72b636a5bcadfb71a9211927e8fa6d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

OpenFileMappingW
CreateTapePartition
FindResourceA
CreateTimerQueue
CallNamedPipeA
TransmitCommChar
FindFirstVolumeA
GetDriveTypeA
GetNamedPipeInfo
FindNextFileA
UnregisterConsoleIME
EscapeCommFunction

user32

GetMenuItemID
DdeKeepStringHandle
FrameRect
LoadLocalFonts
BeginPaint
PostMessageW
SwitchToThisWindow
CreateMenu
SendDlgItemMessageA
MessageBoxIndirectW
DefMDIChildProcA
GetWindowContextHelpId
CreateIconFromResource
DdeSetQualityOfService
TileWindows
GetWindowTextW

gdi32

MirrorRgn
SetWindowOrgEx
DeleteDC
SetWorldTransform

Sections

.code
Size: 18KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE