c8ea015759c277c798e198561f57e179_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8ea015759c277c798e198561f57e179_JaffaCakes118
Size

120KB
MD5

c8ea015759c277c798e198561f57e179
SHA1

d40f6900d4772dc5303f6bce26fa8136cff74f31
SHA256

df7880801412d801b2bfdb0b292ebc37bee189a840cefbd8a063fbdcdd125a6d
SHA512

c4fc18fce16ba150e1056ccd071735ca9743191010ed33c4cd4649a1a18cc3c12269a9d235d8ca35a0aab6c7782b536edf260e74981e2af1e2209db2c59f9a92
SSDEEP

3072:+uPbJRNLCnzjTlEWjhBoHA+MTbd530tfg6:+MDNOzjTaWHovMvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8ea015759c277c798e198561f57e179_JaffaCakes118

Files

c8ea015759c277c798e198561f57e179_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b6c18318f9ddcb970d35b2a998caafe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCommandLineW
ReadConsoleInputA
Thread32Next
GetEnvironmentVariableA
ExitProcess
PeekConsoleInputA
VirtualAllocEx
GetPrivateProfileSectionNamesW
GetSystemWindowsDirectoryA
FindFirstFileExA
GetThreadPriorityBoost
WaitCommEvent

user32

InvalidateRgn
UnhookWinEvent
IsCharLowerA
LockWindowUpdate
CloseWindowStation
DragObject
ChangeDisplaySettingsExW
GetRawInputDeviceList
DrawFocusRect
GetDCEx
MonitorFromPoint

gdi32

GetRasterizerCaps

Sections

.text
Size: 108KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 728B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ