8eaed3da049082b84eb7f13720f46309_JaffaCakes118 | Triage

Sharing

General

Target

8eaed3da049082b84eb7f13720f46309_JaffaCakes118
Size

184KB
MD5

8eaed3da049082b84eb7f13720f46309
SHA1

4ed96855867a5153cfed0d4a8910bd750b953f37
SHA256

a3382698948b3bd42606ba5e54d88e60807866bce6176499146dfb24a88fa143
SHA512

4b3d9e738a2a3eea2bbe22f24331caa3ebbf54cd6962842214c57b90a18568fe547fa11785b4480269690f03a1ca42336a161e5f08515fad73f87ad3e75dcea3
SSDEEP

3072:H7kitk9PD+xsMMTMTPMPR1ZBhpqkRkZaZsJfWJKcWdauecSwuE6y87RTTHOnkEDn:HPtwEMMTPYDB3qk1Uusb4uSFw6ikEDi4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eaed3da049082b84eb7f13720f46309_JaffaCakes118

Files

8eaed3da049082b84eb7f13720f46309_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bc73c3a1810135951193d040dfe5b54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
LocalUnlock
IsBadReadPtr
LocalLock
GetLastError
CloseHandle
CreateEventA
LocalFree
GetConsoleCP
CreateFileA
FindClose
CreateFileMappingA
GetStdHandle
FreeEnvironmentStringsA
IsDebuggerPresent
GetModuleHandleA
LoadLibraryExA
GetACP
TlsGetValue
GetFullPathNameA

user32

ScrollWindow
GetDC
GetIconInfo
EmptyClipboard
IsWindow
DefWindowProcA
GetMessageA
CreateDialogParamA
PostMessageA
GetDlgItem
SetFocus
DispatchMessageA
EndDialog
DrawIconEx

msasn1

ASN1BERDecBool
ASN1BEREncLength
ASN1BERDecCheck
ASN1BEREncFlush
ASN1BERDecEoid

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ