8e8f05d63b27ba3f278af708eae44a22_JaffaCakes118 | Triage

Sharing

General

Target

8e8f05d63b27ba3f278af708eae44a22_JaffaCakes118
Size

229KB
MD5

8e8f05d63b27ba3f278af708eae44a22
SHA1

f0a1d33307cdb7418902a4838f9485a1b76b91f5
SHA256

4ebdd461873ecc48302a2d96c11bd1a993019a2032438d5b2218b6ce73b9c432
SHA512

62a16d00bb84a2b746873781f5881fe457f3bca82b74015671a9dd1e4848dee74126c80d6ec19152942495a5b8b257a94e2bda8a23e8d996ddd2fdb6a08698a8
SSDEEP

6144:IqzxOveWuUryhq5Z/KmFCYDzwIZJOsBHGMKPgbl6g:ISsveWihq7KmFHwO5BHEPk6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e8f05d63b27ba3f278af708eae44a22_JaffaCakes118

Files

8e8f05d63b27ba3f278af708eae44a22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53af0406d1b2a51160d25feb84bfb129

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5731
ord3922
ord1089
ord2512
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord665
ord3318
ord1979
ord2803
ord6385
ord800
ord5186
ord922
ord924
ord5442
ord5773
ord4486
ord2554
ord537
ord561
ord825
ord4673
ord1168
ord4234
ord2379
ord755
ord470
ord6375
ord4274
ord353
ord354
ord1576

msvcrt

exit
_acmdln
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_onexit
_exit
__CxxFrameHandler
malloc
free
__dllonexit
_setmbcp

kernel32

GetWindowsDirectoryA
GetCommandLineA
GetModuleHandleA
GetStartupInfoA

user32

GetSystemMetrics
SendMessageA
GetClientRect
DrawIcon
IsIconic

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ