8ef650a0adf234578dd5cd99d789427f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ef650a0adf234578dd5cd99d789427f_JaffaCakes118
Size

18KB
MD5

8ef650a0adf234578dd5cd99d789427f
SHA1

e87476dbd51666e8deaacd8299e6b51c98b4f6f1
SHA256

4a1e0d95481dffab5713bcb6afa22e9a0c9b1e2bce0c516088f400415e114ac5
SHA512

313a775f2de86db066ef00073248110ff8386269a748d7882e37704a996cbbe7323cdaf8cb3846ec09a3dc412b6de99a122e7e0ec78cf8ffe4d24e98d1450995
SSDEEP

384:uh2RS8UUfX6p5smO3guBJTfLc0xNCPQcOl6GoBh21TsOWl:uQRxhmUguBVY0zyQGQ1/K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef650a0adf234578dd5cd99d789427f_JaffaCakes118

Files

8ef650a0adf234578dd5cd99d789427f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

149f2f5b8c7ac7c42bc2eb1277e167cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
FreeConsole
FreeEnvironmentStringsA
GetProcessVersion
SetEndOfFile
GetVolumeNameForVolumeMountPointA
GetNumberOfConsoleFonts
WaitForDebugEvent
CopyFileA
DisableThreadLibraryCalls
GetNumberFormatA
GetDiskFreeSpaceA
VirtualAllocEx
GetFileAttributesExA
WaitForSingleObject

odbc32

SQLCancel

crypt32

CertFreeCRLContext

dhcpcsvc

DhcpUndoRequestParams

user32

MonitorFromWindow
SendMessageTimeoutA
UnregisterClassA
GetMonitorInfoA
MapWindowPoints
EnumChildWindows
InsertMenuA
MessageBoxTimeoutW
GetWindow
TranslateMDISysAccel
EnableWindow
CreateWindowExA

advapi32

GetAce
AddAce

authz

AuthzOpenObjectAudit

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ