b8148a108ba175ce575c14ff328447bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8148a108ba175ce575c14ff328447bd_JaffaCakes118
Size

322KB
MD5

b8148a108ba175ce575c14ff328447bd
SHA1

e50be465ca59d8b0304c852d0414045527258c4f
SHA256

1b3f7697a85eed5f23b6dc7acf1d157fdd6a8f69ce10425571dac2fca475f91d
SHA512

501913c71f910e2aad2fc2723072d502735f51ed830fc4770e2aa206ecc503172270bc88085aaef62bc9edeb0362cfaa85c39c68cabe2b702f3e3f71a7650768
SSDEEP

6144:M0QNciwKcTrhyvp3JWhxI99VYowRihtv0BXr+ZqvC3SdHSOCZQ:Kcnsd4ipwwtv8Xr+Z1KSOCZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8148a108ba175ce575c14ff328447bd_JaffaCakes118

Files

b8148a108ba175ce575c14ff328447bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1d0fd92d093f99e370412beaed8986a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetComputerNameA
SetEvent
lstrcmpiA
HeapDestroy
Sleep
SearchPathA
ExitProcess
ResumeThread
GetStartupInfoA
AddAtomA
GetDiskFreeSpaceA
DeleteCriticalSection
CloseHandle
PulseEvent
VirtualProtect
ReleaseMutex
TlsGetValue
GetLastError
GetModuleHandleA

user32

CloseWindow
GetKeyState
CreateWindowExA
DispatchMessageA
GetMessageA
GetScrollBarInfo
CopyImage
DragDetect
EnableWindow
EndDialog
CreateMenu
CopyIcon
IsIconic
DialogBoxParamA

hlink

HlinkIsShortcut
HlinkResolveShortcut
HlinkNavigate
HlinkTranslateURL
HlinkClone

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ