8eb02455fb7d4aa65b60d7df5a180e2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8eb02455fb7d4aa65b60d7df5a180e2f_JaffaCakes118
Size

413KB
MD5

8eb02455fb7d4aa65b60d7df5a180e2f
SHA1

c287b05e8e2953be942288752cd59bf0f955dfa9
SHA256

db6f4229dbd8d91762a27621565f86a076ae2923aff49d567969150cad835f10
SHA512

aeac2f4a6557bac9ababd848417f7d4c15da7b637628c37c2d7e5efcd692a45555abb2161dd6520c6d634f6183d0100665d32db5c11eca5db8940998b10da0bf
SSDEEP

6144:rZi+WewfBUvNFz4o4+MymM552Yn1rMRMUN+zaRtACBZyD7J2s:Ni+WekwD4Nryt/XUUXYIxF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eb02455fb7d4aa65b60d7df5a180e2f_JaffaCakes118

Files

8eb02455fb7d4aa65b60d7df5a180e2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b217af1e3a5f8607b09a556d707a8a7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
CreateMutexA
GetStdHandle
GetThreadLocale
TlsFree
GetConsoleCP
GetVolumeInformationA
GetUserDefaultLangID
CreatePipe
GlobalFindAtomA
SetEvent
IsDBCSLeadByte
CreateThread
GetProcessHeap
TlsGetValue
GetExitCodeThread
VirtualAlloc
CompareStringA
GetModuleHandleA
ReleaseMutex
GetPriorityClass

user32

GetFocus
DrawTextExA
GetWindow
GetClassInfoExA
RegisterClassA
GetSystemMetrics
GetWindowTextLengthA
ValidateRect
GetActiveWindow
IsWindowVisible
CloseWindow
IsIconic
GetDC
ReleaseDC
GetClassNameA
ShowWindow
GetForegroundWindow
InvalidateRect
GetWindowTextA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
SHGetFolderPathA
SHChangeNotify

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ