JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695 | Triage

Sharing

General

Target

JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695
Size

163KB
MD5

8c39ef4c2f9312349b98cf54f973c695
SHA1

f5a539f5f23b4e0de3d3d0a669d650d3c0906e53
SHA256

71dcd24da257c7bb0873fd9c276b7a463c9b85429589a338ae2e28787ae378c7
SHA512

31222a884abb443cc449bd03d0a4c4987e23cee7c4a909f724acd9103d5b0acf696a855574761872a8ffe910343912ff41019f0baabf09488417c7351d48f520
SSDEEP

3072:VE7bLMhkEUXRTAMszsW6tmfc67cW6troxFKjs5quCwuHT8dL7srl1WzlR9F3:VE7bLMCTAMsJjfP76B24A5q/HYdL7sJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695

Files

JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695
.exe windows:4 windows x86 arch:x86

eaab878c72e0c6e82c7b049e50c36efc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindFirstFileW
GetStringTypeW
GetNextVDMCommand
SetErrorMode
SetThreadPriority
GetShortPathNameW
LocalFileTimeToFileTime
FindClose
SetEnvironmentVariableW
CompareStringA
FileTimeToLocalFileTime
SetCurrentDirectoryW
EnumResourceNamesW
SystemTimeToFileTime
FindResourceW
RegisterWaitForSingleObject
FileTimeToSystemTime
FreeLibrary
GetLocalTime
LoadResource
FindNextFileW
SearchPathW

user32

GetCapture
ValidateRect
SetCapture
RealGetWindowClassA
ValidateRgn
ExcludeUpdateRgn
ReleaseCapture
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ