8ee665032ab6f29a82053565072baa64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ee665032ab6f29a82053565072baa64_JaffaCakes118
Size

245KB
MD5

8ee665032ab6f29a82053565072baa64
SHA1

ed529126e84cc5010bee5cf9d28d56e2acc2c5d6
SHA256

204e5b4420be114d8a0b22483255b616a9ce15ad203dc1289f10b69312ac79d0
SHA512

52da34c76fed72a84f3c6de5f0948ade9c2ee96d0329e85abbd3286d9b96a2002ff12b8a2d2e8330a1b2ece5541ebfddb6ccd80c848135d9f9835d49dc3557fc
SSDEEP

6144:EWkjmRragOuKlaFQnzuP3iFBELzoIr2aTe28gBtU/:ejI5PKaFQzufib0zZr2aTe28gB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ee665032ab6f29a82053565072baa64_JaffaCakes118

Files

8ee665032ab6f29a82053565072baa64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8506949651d98b12ec9fbf2549df7194

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextW

shell32

ShellExecuteExW

kernel32

TermsrvAppInstallMode
FindClose
FindFirstFileW
CompareStringW
Sleep
GetFileAttributesExW
CreateThread
GetExitCodeThread
LeaveCriticalSection
EnterCriticalSection
ResumeThread
GetCurrentThreadId
GetSystemTimeAsFileTime

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarI1FromDec
CreateErrorInfo
VariantInit
SysFreeString

Sections

.text
Size: 128KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ