JaffaCakes118_8a9c41932cb7b64c82dfc6277b48d365 | Triage

Sharing

General

Target

JaffaCakes118_8a9c41932cb7b64c82dfc6277b48d365
Size

172KB
MD5

8a9c41932cb7b64c82dfc6277b48d365
SHA1

06ffa1f2a694a87abc49a542bb188685c8031d55
SHA256

aa54237629b8c2d8c89072b0605565e55994ca9e7ce83932206cf0f62a8c3d1c
SHA512

b42550dd058a49f0ae580fb994a121b43e198cf6c82f98cb3951c12c29105e6a450ab5c59043e0bb25b1e69d81412cf7f212db5425299fcf1b66c9746ccf28eb
SSDEEP

3072:v/wNH7x6QHEhw+LJCdiPMq2ZcmiX8A4V1V18hSdsmW/ifvfeNFeSclO19Wrk:vo7xCHJlPMRZcLX8A41XdVGNFeSclq9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8a9c41932cb7b64c82dfc6277b48d365

Files

JaffaCakes118_8a9c41932cb7b64c82dfc6277b48d365
.exe windows:5 windows x86 arch:x86

c890a6fee7b7c93f6753925006c30abb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharUpperA

kernel32

GetProcessHeap

Exports

Exports

?SecondTimer@@YG_KPAUHBITMAP__@@PAU_PSP@@@Z

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dec1z
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dec2z
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec2p
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dec3s
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ