08ede77ead986fbb42554059f36b1a68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08ede77ead986fbb42554059f36b1a68_JaffaCakes118
Size

132KB
MD5

08ede77ead986fbb42554059f36b1a68
SHA1

808fc28d4718a660d8a0e127a4cb7ba349bc28fc
SHA256

e8a654f8949005c5cea680857b1fe98d428dfb7a6ea72c9edd110a87858b92f7
SHA512

3ba83f758484f0bb4284eec51488c03501085e8612824c99192141799a31f3944c29a2ee33fcae66f839be119c2b17d2d06d669fed0f05ed84e00b65db0f2315
SSDEEP

3072:kOUry7lDT/hJNUTYdlVbkSSga7cmPMzVLN/MqDq/:kOUqhFSSlaYNhb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ede77ead986fbb42554059f36b1a68_JaffaCakes118

Files

08ede77ead986fbb42554059f36b1a68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3cce875db6177cfd8985e4220c1b76e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
RegisterWowBaseHandlers
WriteProfileStringA
SetVDMCurrentDirectories
HeapSize
CancelTimerQueueTimer
IsDBCSLeadByteEx
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ