b8d44eac0a1d2d6fe6d7c8f5f3ca7899_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8d44eac0a1d2d6fe6d7c8f5f3ca7899_JaffaCakes118
Size

205KB
MD5

b8d44eac0a1d2d6fe6d7c8f5f3ca7899
SHA1

427980be9ff72a89b0f1f4bd94440037449862af
SHA256

1c23e278ebe9d20588ba7e1011814369ca59263496422e234ab0bf28385fe518
SHA512

26417e65ff5cc4a952840027962625571879de3aabe9b941266a1ee24077d03bd5111de95d680f316936813b551bb22efc1fcccf6b9456d81ec07a35d38df7d2
SSDEEP

3072:dYSXrAvS6o8qhDUNm85z8c5qPw9PZAodpgClg0uxIHt093h0CJx/Rwvu9d:dYS8v82zXLbExIN+/qqd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d44eac0a1d2d6fe6d7c8f5f3ca7899_JaffaCakes118

Files

b8d44eac0a1d2d6fe6d7c8f5f3ca7899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

02bbffe3da5237ad607b01f5713084f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

kernel32

UnhandledExceptionFilter
QueryMemoryResourceNotification
GetCommandLineA
QueryPerformanceCounter
GetProcessHeap
GetFullPathNameW
GetStartupInfoA
WriteConsoleW
HeapFree
GetConsoleMode
WriteConsoleW
GetVersionExW
GetConsoleCP
GetFileType
HeapFree
GetVersionExA
HeapAlloc
EnumResourceTypesW
HeapAlloc
GetVersionExA
UnmapViewOfFile
GetPrivateProfileSectionNamesA
GetStringTypeA
InterlockedIncrement
GetEnvironmentVariableW
FlushFileBuffers
MapViewOfFile
GetStringTypeW
CreateFileA
GetLocaleInfoA
CreateFileMappingA
ExitThread
GetStdHandle

ole32

OleTranslateAccelerator
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

gdiplus

GdipCloneImage

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ