Static task
static1
Behavioral task
behavioral1
Sample
08c8c3c380f5e10fcc95924b448ef7ca_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: 08c8c3c380f5e10fcc95924b448ef7ca_JaffaCakes118
Size: 816KB
MD5: 08c8c3c380f5e10fcc95924b448ef7ca
SHA1: 7c4eb61d385a1e973b29c8220339913363ee1180
SHA256: 65fcc7bc928563e811f535fdf1014193c8f1e1dd5f39119150989e929ea542f3
SHA512: e242fdd1735dfb280c31633d520e9fbbd6647e9b91c9b8766431163be548db84ae984b5543c89aef2644c200451855d85dd8ae9fbf9e5da0cab4c5b69af5e494
SSDEEP: 24576:TbSjKfg2gzpaXuWScBDKubQ8reMthxThm3Zr:CjcLSc9Ku15nK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 08c8c3c380f5e10fcc95924b448ef7ca_JaffaCakes118
Files
-
08c8c3c380f5e10fcc95924b448ef7ca_JaffaCakes118.exe windows:4 windows x86 arch:x86
2de67e15cebd758e0e3f81a9b9e06c01
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetCurrentDirectoryW
Beep
WriteConsoleW
Beep
GetCurrentThreadId
Beep
GetPrivateProfileIntA
Beep
VirtualProtect
Beep
FormatMessageA
ReleaseMutex
Beep
TlsGetValue
DeleteFileW
lstrlenW
VirtualQuery
SetLocaleInfoA
GetModuleFileNameW
GetModuleHandleA
TlsSetValue
Beep
SetThreadPriority
Beep
Beep
lstrcatA
GetCommandLineA
Beep
GetFullPathNameW
catsrvut
StartMTSTOCOM
CGMIsAdministrator
RegDBRestore
RegDBBackup
Sections
.TEXT Size: 15KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.ndata Size: 1024B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE
.vdata Size: 797KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.jdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ