c8f086d5a865450dc99bbc2575b50aea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8f086d5a865450dc99bbc2575b50aea_JaffaCakes118
Size

207KB
MD5

c8f086d5a865450dc99bbc2575b50aea
SHA1

13db6aa74aabc7ba40a8758714542a48d4b3aab7
SHA256

54affdeb9b7fbb6673ba95b6604388a0582543993927493da6c794e23c58ac35
SHA512

b660ae4e686101f7e225a683c2e465aed82df4c4367eda1d964a065bffc563bf996467d445a14c7508e73a5a09839fac24dcd27fd4a8f5d9d2b72d74eb280484
SSDEEP

3072:NVKYd1zkcfDl43WFtSPfdla7Jagj92V8NxM4PGttYUjQ77B:TdRkSRIfdlaO4erZjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8f086d5a865450dc99bbc2575b50aea_JaffaCakes118

Files

c8f086d5a865450dc99bbc2575b50aea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86f419baa9bc0f380b648d3fadf20616

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetDC
GetSystemMetrics
GetDesktopWindow

kernel32

RemoveDirectoryA
GetTickCount
lstrlenA
GetCurrentProcess
Sleep
GetOEMCP
GetCommandLineW
GetACP
GetCurrentProcessId
lstrcmpiW
GetCommandLineA
IsDebuggerPresent
GetWindowsDirectoryA
DeleteFileW
QueryPerformanceCounter
SetLastError
GetCurrentThread
SetCurrentDirectoryA
GetLastError
GetModuleHandleW
DeleteFileA
GetUserDefaultLangID
GlobalFindAtomW
LoadLibraryW
lstrcmpiA
GetDriveTypeA
GetModuleHandleA
lstrcmpA
lstrlenW
CopyFileA
GetCurrentThreadId
GlobalFindAtomA
GetStartupInfoA
GetConsoleOutputCP
MulDiv
GetThreadLocale
GetVersion
GetProcessHeap
VirtualAlloc

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ