ec9025ac1318d778392ece4fa5d0e605_JaffaCakes118 | Triage

Sharing

General

Target

ec9025ac1318d778392ece4fa5d0e605_JaffaCakes118
Size

67KB
MD5

ec9025ac1318d778392ece4fa5d0e605
SHA1

c488326d1781516a48363d5377d1909f4f6700a8
SHA256

947d67220596af588c963c7c3de4533de3f7faf3795ca7ab3a4b1f462a33695c
SHA512

1cfa4b286a26134291605e719d4233dc29d787e6e22f73cd4148989025cf7f3377dc6751086d4b1156baf2170e9fd1ad68e844f60b52b1d050a494125cee519f
SSDEEP

1536:5IsGKSIUcU0Jt71e3DpeM2I1SkdagKxA1F:ms/SIUh05e3x29uF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec9025ac1318d778392ece4fa5d0e605_JaffaCakes118

Files

ec9025ac1318d778392ece4fa5d0e605_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d232d3441b89d980cb42118c4d563f63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStdHandle
GetSystemDirectoryA
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
ReadFile
RtlUnwind
RtlZeroMemory
CreateFileA
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
SystemTimeToFileTime
WaitForSingleObject
WriteConsoleA
WriteFile
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA

user32

wvsprintfA

crtdll

__GetMainArgs
_strnicmp
exit
gmtime
localtime
mktime
raise
signal
strcat
strchr
strncmp
strncpy

Sections

.avp
Size: 64KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE