b8e2335d05a9d72b76b43fda867deda4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e2335d05a9d72b76b43fda867deda4_JaffaCakes118
Size

137KB
MD5

b8e2335d05a9d72b76b43fda867deda4
SHA1

2dac1ad8be599492dcef55ce2df9b57ce21be178
SHA256

5e2ed58d9e555096ebb700d5a8d17110f5b67745d045a84f804e646f17cd8934
SHA512

58c9197afc42a737205c1af721d13231f158598e7d1f120052afb0b6288deb9522f1a6d014123206f3cc935476583db3f5057df6ca70dff47ed7e47e2e0a057a
SSDEEP

3072:MPZMWX8vLEIZm8IdU5TK3A/1Rkc6Wk31jxOQIsfCs6/yCoZXD26/D+heVEIy:MPZRX8LbIdqAKLkR11IItBx6EWyLy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8e2335d05a9d72b76b43fda867deda4_JaffaCakes118

Files

b8e2335d05a9d72b76b43fda867deda4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5be46715c39c49deed3eb5b933501e08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
ExpandEnvironmentStringsW
GetModuleHandleA
CreateThread
GetCurrentThread
CreateMutexW
lstrcatW
HeapAlloc
EnterCriticalSection
ReleaseMutex
GetDriveTypeW
GlobalLock
FindClose
CreateFileMappingW
SetLastError
GetCommandLineA
WriteFile
GetSystemTimeAsFileTime
CopyFileW
lstrcmpiA
SetFileTime
MultiByteToWideChar
SetEndOfFile
CloseHandle
HeapFree
FlushFileBuffers
GetTempPathW
SetThreadPriority
OpenProcess
lstrcpynW
SetFileAttributesW

user32

SetProcessWindowStation
DispatchMessageW

Sections

.elezox
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cvopqz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorad
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ