8ec3c965f90e4c429048ec1656509684_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ec3c965f90e4c429048ec1656509684_JaffaCakes118
Size

30KB
MD5

8ec3c965f90e4c429048ec1656509684
SHA1

8e3a7ddd732eddddfa4cf1bf20a55fe52ae3f2fb
SHA256

f2d83f490db62e1fc2cb9e5fce5591098bfa2a6b303a9c9d755ab044c105134f
SHA512

a0d8f85ac48fa938694bb8f16c0ae233306b427388a8c6ef685c9d99c7de065a6d151dda639864ddc2d99f6e224420e50ca434f3a5824b53a4f1c07b7e11069e
SSDEEP

384:6GjGHvG4T53SWz3lgZhlmt4PmlDHstt/6y9w1N5v7y6oBJT:6nb53n3lg7ItRsSTr5W6orT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec3c965f90e4c429048ec1656509684_JaffaCakes118

Files

8ec3c965f90e4c429048ec1656509684_JaffaCakes118
.exe windows:4 windows x86 arch:x86

865523294e3efb61b3b838385d8f18e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
Sleep
GetModuleHandleA
GetTickCount
FindNextFileA
FindFirstFileA
CloseHandle
WriteFile
CreateFileA
SetFileAttributesA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
GetVersionExA
CreateMutexA
GetLastError
GetLocalTime
CreateThread
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
FlushFileBuffers

user32

FindWindowExA
ShowWindow
EnableWindow
FindWindowA
LoadIconA
GetSystemMetrics
GetDC
DrawIcon
ReleaseDC

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
GetUserNameA

Sections

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ